-
Notifications
You must be signed in to change notification settings - Fork 284
/
config.ini
191 lines (174 loc) · 7.79 KB
/
config.ini
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
[Common]
# If you use proxy server, you have to set proxy information at "proxy".
# http://192.168.184.1:8083
method_crawl : Crawling
method_direct : Direct
method_search : Search
method_log : Log
banner_delay : 1.0
con_timeout : 10.0
max_target_url : 200
max_target_byte : 0
clipping_regex :
clipping_size : 10000
clipping_buff : 200
clipping_mark :
scramble : 1
date_format : %%Y/%%m/%%d %%H:%%M:%%S
log_path : logs
log_file : gyoithon.log
signature_path : signatures
module_path : modules
proxy :
proxy_user :
proxy_pass :
user-agent : Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0 mbsd2020
default_charset : utf-8
redirect : 0
[CloudChecker]
# The newest Azure IP range is following.
# https://www.microsoft.com/en-us/download/confirmation.aspx?id=41653
aws_srv_name : Amazon Web Service
aws_ip_range : https://ip-ranges.amazonaws.com/ip-ranges.json
azure_srv_name : Microsoft Azure
azure_ip_range : https://download.microsoft.com/download/0/1/8/018E208D-54F8-44CD-AA26-CD7BC9524A8C/PublicIPs_20191216.xml
gcp_srv_name : Google Cloud Platform
gcp_nslookup_cmd : nslookup -q=TXT
gcp_content_srv : _cloud-netblocks.googleusercontent.com
gcp_content_ip : 8.8.8.8
gcp_get_domain_regex : include:(_cloud-netblocks\d{1,3}\.googleusercontent\.com)
gcp_get_nwaddr_regex : ip4:(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/\d{1,2})
[VersionChecker]
signature_file : signature_product.txt
[VersionCheckerML]
category : OS@WEB@FRAMEWORK@CMS
train_path : train_data
trained_path : trained_data
train_os_in : train_os_in.txt
train_os_out : train_os_out.pkl
train_web_in : train_web_in.txt
train_web_out : train_web_out.pkl
train_framework_in : train_framework_in.txt
train_framework_out : train_framework_out.pkl
train_cms_in : train_cms_in.txt
train_cms_out : train_cms_out.pkl
[CommentChecker]
signature_file : signature_comment.txt
[ErrorChecker]
signature_file : signature_error.txt
[PageChecker]
train_path : train_data
train_page : train_page_type.txt
trained_path : trained_data
trained_page : train_page_type.pkl
signature_file : signature_page_type_from_url.txt
[GoogleHack]
# You can get "search_engine_id" from https://cse.google.com/cse/all
api_key :
search_engine_id :
signature_file : signature_search_query.txt
api_strict_key : Referer
api_strict_value :
start_index : 1
delay_time : 1.0
[ContentExplorer]
signature_file : signature_default_content.txt
delay_time : 1.0
[CveExplorerNVD]
con_timeout : 60.0
max_cve_count : 3
vuln_db_dir : vuln_db
nvd_name : vulns_nvd.csv
nvd_db_header : last_modified_date@data_type@problem_type@id@cvss_v2_score@cvss_v3_score@category@vendor_name@product_name@version_value@update_value@edition_value@description
nvd_year_name : vulns_*_nvd.csv
cve_years : 2002@2003@2004@2005@2006@2007@2008@2009@2010@2011@2012@2013@2014@2015@2016@2017@2018@2019@2020@2021
nvd_meta_url : https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-*.meta
nvd_zip_url : https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-*.json.zip
nvd_chk_date_regex : ^lastModifiedDate:(.*T.*)-.*[\r\n]
nvd_chk_hash_regex : ^sha256:(.*)[\r\n]
nvd_date_format : %%Y-%%m-%%dT%%H:%%M:%%S
[Report]
report_path : report
report_name : gyoithon_report_*.csv
report_name_censys : gyoithon_censys_report_*.csv
report_name_invent : gyoithon_inventory_report_*.csv
report_name_exploit : gyoithon_exploit_report_*.html
report_temp : gyoithon_exploit_temp_*.csv
template : report_template.html
header : fqdn@ip_addr@port@cloud_type@method@origin_url@url@vendor_name@prod_name@prod_version@prod_trigger@prod_type@prod_vuln@origin_login@origin_login_trigger@wrong_comment@error_msg@server_header@log@date
header_censys : fqdn@ip_addr@category@open_port@protocol@sig_algorithm@cname@valid_start@valid_end@organization@date
header_invent : Index@Search Date@Search Word@Search Type@Domain@Mutation flag@Origin Domain@Administrative Contact@Registrant Name@Registrant Organization@Registrant Email@Admin Name@Admin Organization@Admin Email@Tech Name@Tech Organization@Tech Email@Name Server@Sub-Domain@IP Address@Access Status (http)@Location (http)@Access Status (https)@Location (https)@A record@CNAME record@NS record@MX record@SOA record@TXT record@Note
header_ss : Page Title (http)@URL (http)@Save Path (http)@Page Title (https)@URL (https)@Save Path (https)
header_exploit : ip@port@service@vuln_name@type@description@exploit@target@payload@reference
[Spider]
output_filename : _crawl_result.json
concurrent_reqs : 1
depth_limit : 2
delay_time : 3.0
time_out : 300
item_count : 50
page_count : 50
error_count : 0
[Exploit]
server_host : 192.168.220.132
server_port : 55553
msgrpc_user : test
msgrpc_pass : test1234
timeout : 10
LHOST : 192.168.220.132
LPORT : 4444
data_path : data
conversion_table : conversion_table.csv
[Censys]
api_id : Your_Information
secret : Your_Information
[Creator]
compress_dir : compressed_package
signature_dir : temp_signatures
prohibit_ext :
result_file : result_*.csv
header : index@product@file_path@ext_type@ext_count@files
score_table : score_table.csv
unknown_score : 0.2
threshold : 0.7
turn_inside_num : 2
try_othello_num : 2
del_open_root_dir : 1
[Inventory]
tmp_inventory_dir : tmp_inventory
black_list : exclude_fqdn.txt
max_search_num : 1000
jprs_url : https://whois.jprs.jp/
jprs_regex_multi : {}.*\s*<a.*>(.*)</a>[\r\n]
jprs_regex_single : \[ドメイン名\]\s+([\w\Wa-zA-Z\.].*)[\r\n]@\[Domain Name\]\s+([\w\Wa-zA-Z\.].*)[\r\n]
jprs_contact_path : ?type=POC&key={}
jprs_regex_org : \[Organization\]\s+([\w\Wa-zA-Z\.].*)[\r\n]
jprs_regex_mail : \[電子メイル\]\s+([\w\Wa-zA-Z\.].*)[\r\n]@\[通知アドレス\]\s+([\w\Wa-zA-Z\.].*)[\r\n]
jprs_delay_time : 5.0
jpnic_url : https://whois.nic.ad.jp/cgi-bin/whois_gw
jpnic_regex_multi : {}.*\s.*<a.*>(.*)</a>[\r\n]
jpnic_regex_single : {}.*\s.*<a.*>(.*)</a>[\r\n]
nslookup_delay_time : 1.0
nslookup_cmd : nslookup -q=
nslookup_options : A@CNAME@MX@NS@SOA@TXT
nslookup_regex_ip : 名前:\s+[\w\Wa-zA-Z\.].*[\r\n]Address:\s+([0-9]{1,3}\.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3})[\r\n]@Name:\s+[\w\Wa-zA-Z\.].*[\r\n]Address:\s+([0-9]{1,3}\.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3})[\r\n]
cname_regex : canonical\sname\s=\s(.*)[\r\n]@canonical\sname\s=\s(.*)[\r\n]
cname_regex_multi : canonical\sname\s=\s(.*)[\r\n]@canonical\sname\s=\s(.*)[\r\n]
mx_rec_regex : mail\saddr\s=\s(.*)[\r\n]@mail\saddr\s=\s(.*)[\r\n]
mx_rec_regex_multi : (.*).*internet\saddress\s=\s.*$@(.*).*internet\saddress\s=\s.*$
ns_rec_regex : name\sserver\s=\s(.*)[\r\n]@origin\s=\s(.*)[\r\n]
soa_rec_regex : name\sserver\s=\s(.*)[\r\n]@origin\s=\s(.*)[\r\n]
txt_rec_regex : v=spf\d{1,3}\sinclude\:(.*) .*[\r\n]@v=spf\d{1,3}\sinclude\:(.*) .*[\r\n]
[DomainTools]
api_host : api.domaintools.com
api_key : Your_API_key
api_username : Your_active_account
uri_reverse_whois : /v1/reverse-whois/
uri_whois_lookup : /v1/{}/whois/
uri_reverse_nslookup : /v1/{}/name-server-domains/
[ComputerVision]
con_timeout : 60
ss_implicitly_wait_time : 30
ss_load_wait_time : 10
driver_dir : driver
chrome_driver : chromedriver