Upload new file: IDEA 代码审计辅助插件(深信服深蓝实验室天威战队强力驱动).md via simpread
> This article was transcoded by [简悦 SimpRead](https://ksria.com/simpread/); original at [mp.weixin.qq.com](https://mp.weixin.qq.com/s/qC5gEWpdx7j4fehp4XbWWQ)

Disclaimer

Any direct or indirect consequences or losses caused by spreading or using the information provided by this account, 夜组安全, are the sole responsibility of the user; 夜组安全 and the authors accept no liability for them. Should there be any infringement, please let us know and we will remove the material immediately and apologise. Thank you! **Test the safety of every tool yourself!!!**
![](https://mmbiz.qpic.cn/sz_mmbiz_png/icZ1W9s2Jp2UntdzhiaZFYuHHGQqkrTvChjia6icbibu08pHkBhDYhYdEZ14FgRgEy50iaYlYTAzTicOtyAPbwx6XpuUQ/640?wx_fmt=png&from=appmsg)

**01 Tool introduction**

* SecInspector is a static code-scanning plugin for IDEA. It focuses on surfacing a project's potential security risks while you are still writing the code (a one-click search for every sink point, replacing the traditional Ctrl+F approach), and for some vulnerability classes it offers a one-click fix. The aim is to make code audits faster for offensive and defensive security staff and to raise the security quality of developers' code.
* The plugin uses IDEA's native Inspection mechanism to check the project: it automatically inspects the active file in the active editor window, so it is fast and light on resources. Official documentation: https://www.jetbrains.com/help/idea/inspections-settings.html#5
* All rule names provided by the plugin start with "SecInspector". Powered by the Tianwei Team of Sangfor's Deep Blue Lab (深信服深蓝实验室天威战队).

Supported versions: IntelliJ IDEA (Community / Ultimate) >= 2021.3

**02 Installation and use**

In IDEA, open "Settings" --> "Plugins"; once you have obtained SecInspector.jar, choose to install the plugin from disk.
![图片](https://mmbiz.qpic.cn/sz_mmbiz_png/icZ1W9s2Jp2WvsCNUqiaTzxbArmicbBQaIOsGvIrJYcygIVOFxtd3BRxpOwPibTcbsLiaCay8ryeAw7E5qrmylia8XxQ/640?wx_fmt=png&from=appmsg)

### Usage: method one

The plugin scans the code you are editing as you type and flags security risks in real time. ![图片](https://mmbiz.qpic.cn/sz_mmbiz_png/icZ1W9s2Jp2WvsCNUqiaTzxbArmicbBQaIOp6GLeSuBnuNXYrmQqiaRAYIsqJ9MEiazeCZbZVErfZhIJrOcN0gBhlGg/640?wx_fmt=png&from=appmsg)

### Usage: method two

IDEA's Inspect Code feature supports scanning the whole project, or a chosen set of files, with custom rules. ![图片](https://mmbiz.qpic.cn/sz_mmbiz_png/icZ1W9s2Jp2WvsCNUqiaTzxbArmicbBQaIOg4HdBmMrZl4aicjHHKKiatHJlvtIyDWJXvxOMtQeicsKaBnCYpDW7Vq4A/640?wx_fmt=png&from=appmsg)

Select the SecInspector rules that match your vulnerability-scanning needs. ![图片](https://mmbiz.qpic.cn/sz_mmbiz_png/icZ1W9s2Jp2WvsCNUqiaTzxbArmicbBQaIO5khzEecslveSia2ltUibOrtuU1TobQTDERz4hicib1SImib0UaHIQYMsRDg/640?wx_fmt=png&from=appmsg)

The plugin's rules cover sink points for common vulnerability classes such as RCE, deserialization, SQL injection, JNDI injection, and arbitrary file read / write. ![图片](https://mmbiz.qpic.cn/sz_mmbiz_png/icZ1W9s2Jp2WvsCNUqiaTzxbArmicbBQaIO9lsGglxLzmDnHdyqoxDRtNuv4Pjkh8YcficoUhzCRp4ZKfnplHP52dA/640?wx_fmt=png&from=appmsg)

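To make the sink categories above concrete, here is an added, stand-alone example of the kind of "find every sink at once" search the article describes. It is not SecInspector's code or its rule set: the regex signatures, the `OrderService` Java sample and the category names below are assumptions constructed for this illustration, and a real IDEA inspection resolves types through the PSI rather than matching text, so a regex pass like this is only a first-cut audit lead.

```python
"""Added example: a regex-based sink-point finder for Java source.

Not SecInspector's code or rules. Signatures and the sample class are
hand-picked assumptions; a PSI-based inspection would resolve receiver
types and data flow instead of matching text.
"""
import re
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Hit:
    category: str
    line: int
    snippet: str


def _not_pure_literal(arg: str) -> bool:
    """True unless the argument is exactly one string literal (no concatenation)."""
    arg = arg.strip()
    return bool(arg) and re.fullmatch(r'"[^"]*"', arg) is None


# (category, pattern, optional predicate over group 1). Assumed sink signatures.
SINKS = [
    ("RCE", re.compile(r"Runtime\s*\.\s*getRuntime\s*\(\s*\)\s*\.\s*exec\s*\("), None),
    ("RCE", re.compile(r"new\s+ProcessBuilder\s*\("), None),
    ("Deserialization", re.compile(r"\.readObject\s*\("), None),
    ("Deserialization", re.compile(r"new\s+XMLDecoder\s*\("), None),
    # Statement.execute*(...) whose argument is not a single literal, e.g. "..." + id
    ("SQL injection",
     re.compile(r"\.(?:executeQuery|executeUpdate|execute)\s*\(([^;]*)\)\s*;"),
     _not_pure_literal),
    ("JNDI injection", re.compile(r"\.lookup\s*\("), None),
    ("File read/write",
     re.compile(r"new\s+(?:FileInputStream|FileOutputStream|FileReader|FileWriter|RandomAccessFile)\s*\("),
     None),
    ("File read/write",
     re.compile(r"\bFiles\s*\.\s*(?:readAllBytes|readAllLines|write|newInputStream|newOutputStream|copy|move|delete)\s*\("),
     None),
]


def find_sinks(java_source: str) -> list[Hit]:
    """Return every sink hit with its 1-based line number; comment lines are skipped."""
    hits: list[Hit] = []
    for lineno, raw in enumerate(java_source.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith(("//", "*", "/*")):
            continue
        for category, pattern, predicate in SINKS:
            m = pattern.search(line)
            if m is None:
                continue
            if predicate is not None and not predicate(m.group(1)):
                continue
            hits.append(Hit(category, lineno, line))
    return hits


def summarize(hits: list[Hit]) -> dict[str, int]:
    """Count hits per category."""
    return dict(Counter(h.category for h in hits))


# Constructed sample: one call site per category from the article, plus a
# parameterised query that must NOT be reported.
SAMPLE_JAVA = """\
package demo;

import java.io.*;
import java.sql.*;
import javax.naming.InitialContext;

public class OrderService {
    public void export(Connection conn, String cmd, String path, String id,
                       String jndiName, byte[] blob) throws Exception {
        // RCE sink: attacker-controlled command string
        Runtime.getRuntime().exec(cmd);
        // arbitrary file read: path comes straight from the request
        FileInputStream in = new FileInputStream(path);
        // SQL injection: concatenation into a Statement
        Statement st = conn.createStatement();
        ResultSet rs = st.executeQuery("SELECT * FROM orders WHERE id = " + id);
        // JNDI injection: lookup name is attacker-controlled
        Object svc = new InitialContext().lookup(jndiName);
        // deserialization of untrusted bytes
        Object obj = new ObjectInputStream(new ByteArrayInputStream(blob)).readObject();
        // parameterised query: same API family, but not a sink hit
        PreparedStatement ps = conn.prepareStatement("SELECT * FROM orders WHERE id = ?");
        ps.setString(1, id);
        ps.executeQuery();
    }
}
"""

if __name__ == "__main__":
    for h in find_sinks(SAMPLE_JAVA):
        print(f"{h.line:>3}  {h.category:<16} {h.snippet}")
    print(summarize(find_sinks(SAMPLE_JAVA)))
```

On the sample class this reports five hits (lines 11, 13, 16, 18 and 20) and stays silent on the `PreparedStatement` call, which is the distinction a sink search has to make to avoid drowning the auditor in safe JDBC calls.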
**03 Project walkthrough**

Taking a project audit as an example: after decompiling the jar, mark the recovered sources as a Source Root, scan the business code, and trace the flagged method to work out the RCE vulnerability. ![图片](https://mmbiz.qpic.cn/sz_mmbiz_png/icZ1W9s2Jp2WvsCNUqiaTzxbArmicbBQaIOzMiaMSp8mCkRXwBwYCJgZ6tBBcjsL005a6Mic20zrV71qZE0IiavPe2GQ/640?wx_fmt=png&from=appmsg)

**04 Tool download**

**Click the card below to follow and enter the official account**

**Reply with the keyword 【240622】 to get the download link**