zangcc / aakian-facai Goto Github PK

基于前端vue框架的JavaFx图形化GUI漏洞扫描工具，支持一键扫描vue-manage-system系统前端泄露的未授权目录接口漏洞，并且对扫描的暴露目录进行逐一测试和验证，方便渗透人员快速确定未授权接口。还添加了出口IP地址信息本地DNS信息等的查询，方便清楚自身出口IP。

aakian-facai's Introduction

Hi there , I'm zangcc 👋

🔭 I’m currently working on: Penetration test、SDL application development security
🌱 I’m currently learning: Codeql/Java code audit
👯 I’m looking to collaborate on: Ideas and suggestions for vulnerability scanning tool development, intending to develop a large integrated vulnerability scanning tool
🤔 I’m looking for help with: There is nothing for the time being
💬 Ask me about: Network security, penetration testing, design and implementation of vulnerability scanning tool based on JavaFX
📫 How to reach me: (😄My CSDN Blog~)
😄 Pronouns: He/him
⚡ Fun fact: 不再挖洞，努力coding..
🫡 wx公众号：Eureka安全团队
I have always regarded programming as a hobby, non-professional programming, all are small tools implemented with code on a whim, so you can issue questions to me for many bugs.

Github State

aakian-facai's People

Contributors

Stargazers

Watchers

Forkers

klinklinklin kenuoseclab p1ach01 poketjomon shakenetwork nanaao 5l1v3r1 hhhhelix xiju2003 shimxx ptr-ptr zzhsec superneilcn dogadmin john404nf lg996 bowman03 wiki-hub-2023

aakian-facai's Issues

win用户目录下新建一个 .bat ，内容写 cmd /k "xjar.exe java -jar Aakian.jar" 保存就可以点击用了

输入url后执行直接闪退，显示已被github.com/zangcc保护

这是报错内容，java版本1.8，mac m1，求指点
2023-10-12 09:25:43.289 java[10329:334371] TSM AdjustCapsLockLEDForKeyTransitionHandling - _ISSetPhysicalKeyboardCapsLockLED Inhibit

ERROR !!!!!!!!!!! Jar(or War) has been protected by github.com/zangcc. Please use javaagent re-start project. !!!!!!!!!!!

Located in Main.MySceneController
At 2023-08-10 11:52:08.476 Random-Character vJb=yfLTIYh-d9jBmRg(HCt*r+S_XZ)7

js文件获取的不是很准确，有漏掉的

这是工具获取到的

这是网站源码中的js,

而且点验证也没有反应

f我不知道是我本地的原因，还是工具的原因

app....js文件中path:后面跟的是“ ，不是文章中的单引号，这是导致扫面失败的原因吗

WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by io.xjar.reflection.XReflection (file:/D:/Aakian-v1.0-main/Aakian.jar) to field java.net.URLClassLoader.ucp
WARNING: Please consider reporting this to the maintainers of io.xjar.reflection.XReflection
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
Exception in thread "main" java.lang.reflect.InaccessibleObjectException: Unable to make public jdk.internal.loader.Resource jdk.internal.loader.URLClassPath.getResource(java.lang.String) accessible: module java.base does not "exports jdk.internal.loader" to unnamed module @43814d18
at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:340)
at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:280)
at java.base/java.lang.reflect.Method.checkCanSetAccessible(Method.java:198)
at java.base/java.lang.reflect.Method.setAccessible(Method.java:192)
at io.xjar.reflection.XReflection.method(XReflection.java:35)
at io.xjar.jar.XJarClassLoader.(XJarClassLoader.java:41)
at io.xjar.jar.XJarLauncher.launch(XJarLauncher.java:51)
at io.xjar.jar.XJarLauncher.main(XJarLauncher.java:31)
panic: exit status 1

goroutine 1 [running]:
main.main()
C:/Users/wang/Desktop/xjar.go:73 +0x670

可以使用纯jar版本吗

具体如题，如果限于exe的话，只能windows使用，有的时候可能是在kali上或者mac上使用，exe无法使用