reddit hackernews mail facebook facebook linkedin


Kscan is an asset mapping tool.

An intranet comprehensive scanning tool, which is convenient for automatic and omnidirectional missed scanning. It supports host survival detection, port scanning, explosion of common services, ms17010, Redis batch public key writing, planned task rebound shell, reading win network card information, web fingerprint identification, web vulnerability scanning, netbios detection, domain control identification and other functions.

1.Information collection:
- Survival detection(icmp)
- Port scanning

- Various service blasting(ssh、smb、rdp, etc.)
- Database password blasting(mysql、mssql、redis、psql、oracle, etc.)

3.System information, vulnerability scanning:
- Netbios detection, domain control identification
- Collect NIC information
- High Risk Vulnerability Scanning(ms17010, etc.)

4.Web detection:
- Webtitle detection
- Web fingerprinting (cms, oa framework, etc.)
- Web vulnerability scanning (weblogic, st2, etc., also supports xray poc)

- Write redis public key and scheduled tasks
- Excute ssh command
- Use the ms17017 vulnerability (implanted shellcode), such as adding users, etc.

- Save ouput result