Catcher (捕手)
Catcher is a powerful system fingerprint vulnerability verification tool designed for external network asset scanning and vulnerability checks. It is particularly useful for identifying vulnerabilities in a large number of subdomains and assets.
Key Features:
- Fingerprint Recognition: Automatically identifies system fingerprints using a predefined JSON file.
- Vulnerability Testing: Executes corresponding proof of concept (PoC) tests based on recognized fingerprints.
- CDN Detection: Determines whether domains are using a CDN and performs port scanning on non-CDN domains.
- Batch Processing: Supports testing multiple domains or IPs simultaneously, making it efficient for large-scale assessments.
- Result Management: Saves results in organized files for easy review, including detailed reports on vulnerabilities and scanning results.
Benefits:
- Efficiency: Streamlines the process of vulnerability assessment across multiple assets.
- User-Friendly: Command-line interface allows for easy customization of tests based on user needs.
- Continuous Updates: Regular updates to fingerprints and PoCs ensure the tool remains effective against new vulnerabilities.
Highlights:
- Supports various input formats for domains and IPs.
- Generates comprehensive reports in Excel format for better visibility of results.
- Ideal for security professionals and organizations looking to enhance their vulnerability management processes.