Search the Community

Zscan is an open-source collection of Intranet port scanners, blasting tools, and other utilities. Based on host discovery and port scanning, you can blow up mysql, MSSQL, Redis, Mongo, Postgres, FTP, SSH, and other services. Other scanning functions include NetBIOS, SMB, OXID, SOCKS Server (scanning proxy servers on the Intranet), SNMP, and MS17010. Each module has its own unique functions such as SSH, which also supports user name, password, and public key login, traverses the host based on the private key and can execute commands after all services are blown up successfully. In addition to basic scanning and service blasting, Webtitle capture and fingerprint recognition are also supported, ZScan integrates the nc module (connect and listen), HTTPServer module (support for downloading files, uploading files, and authentication), SOcks5 module (start a proxy server). There is also the ALL module, which calls all the other scanning and blasting modules during the scan. Built-in proxy functionality. Module Existing modules： ping: Ping is invoked for common users, and ICMP packets are used for root users ps: Port scan and get httptitle all: Call all scan and burst modules for scanning ssh: Username and password blasting, SSH username and password login, public key login mysql/mssql/mongo/redis/postgres/ftp:Username password blasting and execute simple commands proxyfind: Scan the proxy in the network, currently support SOCKS4/5, later add HTTP ms17010: ms17010 Vulnerability batch scanning snmp: snmp scan winscan: Includes OXID, SMB, NETBIOS scanning functions nc: A simple nc, can start the port to connect the port socks5: Start a SOcks5 server httpserver: Start an HTTP server that supports identity authentication and file uploading Tool edge🚀 The command is simple and convenient, and the function of the module is simple and clear, which is convenient to expand and add various new functions Not just a scanner, but also integrated with a variety of common utility features, built-in proxy capabilities, can be called a toolkit Port scanning and blasting are seamlessly connected, greatly improving the scanning speed: This advantage is fully reflected in the ALL module. In the process of multi-threaded port scanning, open ports will be judged. If a port can be blasted, another multi-thread will be immediately opened in the current thread for blasting. Significantly increase speed. The procedure of obtaining an open port before blasting is reduced Beautiful and easy to read output format: through color differentiation, not only output during the process, but also generate scan results at the end of the scan, showing all scan and blasting results during the process (introduce), and support to record the scan results to a file Not only can the service be blasted, but the command can be executed successfully Under development, if you find any problems or bugs, or any novel and interesting functional requirements can contact me [hide][Hidden Content]]