unicornscan (us) 命令
# unicornscan -mT -r200 -I www.-mT 是通过TCP 模式进行扫描
-r200 是一秒钟发送200个包
-I 是即时显示模式,即获得的内容立刻显示出来
第一次运行会提示错误
cp /usr/share/GeoIP/GeoIP.dat /usr/local/etc/unicornscan/
把GeoIP.da 复制到相当地方就可以
Overview:
Unicornscan is a new information gathering
and correlation engine built for and by members
of the security research and testing communities.
It was designed to provide an engine that is Scalable,
Accurate, Flexible, and Efficient. It is released for the
community to use under the terms of the GPL license.
Benefits:
Unicornscan is an attempt at a User-land Distributed TCP/IP stack.
It is intended to provide a researcher a superior interface
for introducing a stimulus into and measuring a response
from a TCP/IP enabled device or network. Although it currently
has hundreds of individual features, a main set of abilities
include:
Asynchronous stateless TCP scanning with all variations of TCP Flags.
Asynchronous stateless TCP banner grabbing
Asynchronous protocol specific UDP Scanning (sending enough of a signature to elicit a response).
Active and Passive remote OS, application, and component identification by analyzing responses.
PCAP file logging and filtering
Relational database output
Custom module support
Customized data-set views
[ 本帖最后由 madfrogme 于 2012-12-7 01:21 编辑 ]