Optimized DNS/HTTP Log Tool for pentesters, faster and easy to use.

Related tags

Security eyes.sh
Overview

eyes.sh 1.0.2

View this doc in English.

eyes.sh是用来辅助安全测试和漏扫工具的DNS Log / HTTP Log检测工具,基于 BugScan DNSLog 优化(感谢四叶草安全、感谢坤哥 :) )。

访问 http://eyes.sh/

  • 演示账号 demo / demo@pass,请注意,该账号删除功能无效
  • 也可以在登录页面中选择 创建随机ID并登录

Chang Log

  • 2022-04-09: 增加多语言支持,添加英文翻译
  • 2022-04-06: 注册用户名,限制只允许使用字母数字

背景

  • 公司内部扫描器每天产生数百万次DNS Log接口调用
  • 因为一些原因,DNSLog服务部署在低配置的海外VPS,这给扫描系统造成了瓶颈

增强的功能

  • 更加友好的分页、删除、查看指定IP,增加搜索功能,增加显示IP定位、显示Request Headers、捕获Request Body
  • 支持监控新记录自动刷新(可以关键词过滤,关注特定目标或特定漏洞)
  • 支持DNS重绑定
  • 接口优化,增加支持Group DNS查询,减少扫描器的接口调用次数
    • 例如,扫描器先以 (主机名+任务ID)做DNS前缀,投递完所有payloads,任务结束时,通过单个查询,检查是否有漏洞被触发
  • API接口域名TTL为0,导致过多无意义查询,修正为1200
    • 原来每次API请求都将产生额外的DNS查询
  • 增加了注册、一键生成随机域名、简单管理开关、简单登录锁定等
  • 数据库优化,后端使用MySQL ,增加索引,数百万记录下查询性能较好

安装部署

域名和公网 IP

以部署 eyes.sh 网站为例。部署服务时,临时地,需要用到两个域名(其中一个只需要添加2个A记录,作为 eyes.sh 的NS记录值)

因为 eyes.sh 解析尚未生效,所以你暂时还不能以 ns.eyes.sh 来作为 eyes.sh的NS记录,但服务配置生效之后可以再改过去

  • 设置 eyes.sh NS 记录为eyes_dns1.lijiejie.com, 然后把 eyes_dns1.lijiejie.com指向你的服务器IP
eyes.sh nameserver = eyes_dns1.lijiejie.com
eyes.sh nameserver = eyes_dns2.lijiejie.com

Django工程

Python 3.8 + Django 4.0, 参考 deploy.sh文件中的命令清单进行部署,MySQL的安装需要交互

  • 海外VPS请注意 时区设置、MySQL编码设置

\dnslog\settings.py 文件中,配置好服务域名,关闭DEBUG开关、配置 DATABASES

DNS_DOMAIN = 'eyes.sh'   # 用于DNS记录的域名
ADMIN_DOMAIN = ['eyes.sh', 'www.eyes.sh']  # 管理后台域名

# NS记录值
NS1_DOMAIN = 'eyes_dns1.lijiejie.com'
NS2_DOMAIN = 'eyes_dns2.lijiejie.com'

SERVER_IP = '123.123.123.123'  # 你的服务器外网IP

Nginx配置文件为目录下 dnslog_nginx.conf

创建管理员账号

系统部署完成后,创建的第一个账号为系统管理员。建议: 在本地绑定hosts的情况下,提前完成账号的创建。

功能截图

License

GPL-2.0

You might also like...

Build a Cryptocurrency Tracker with Next.js and GraphQL

Build a Cryptocurrency Tracker with Next.js and GraphQL

Build a Cryptocurrency Tracker with Next.js and GraphQL This is the complete code to my blog post on Medium on "Build a Cryptocurrency Tracker with Ne

Dec 1, 2022

Policy-password is a NodeJS library written in Typescript to generate passwords according to policies and constraints.

Policy-password is a NodeJS library written in Typescript to generate passwords according to policies and constraints.

Policy-password is a NodeJS library written in Typescript to generate passwords according to policies and constraints.

May 17, 2022

A Develop Tool to Test WebSocket, Socket.IO, Stomp, Bayeux, HTTP, TCP, UDP, WebRTC, DNS API.

A Develop Tool to Test WebSocket, Socket.IO, Stomp, Bayeux, HTTP, TCP, UDP, WebRTC, DNS API.

Sep 6, 2022

PAKURI-THON is a tool that supports pentesters with various pentesting tools and C4 server

PAKURI-THON is a tool that supports pentesters with various pentesting tools and C4 server

PAKURI-THON Pentest Achieve Knowledge Unite Rapid Interface - Python PAKURI-THON is a tool that supports pentesters with various pentesting tools and

Nov 9, 2022

Node.js package with a customized HTTP and HTTPS agents to prevent SSRF with hosts validations and custom DNS feature.

http-agent-dns This is a Node.js package with a customized HTTP and HTTPS agents to prevent SSRF with hosts validations with a possibility to use a cu

Jul 21, 2022

:ledger: Minimal lightweight logging for JavaScript, adding reliable log level methods to wrap any available console.log methods

loglevel Don't debug with logs alone - check out HTTP Toolkit: beautiful, powerful & open-source tools for building, testing & debugging HTTP(S) Minim

Jan 6, 2023

EasyPen is a GUI program which helps pentesters do target discovery, vulnerability scan and exploitation

EasyPen is a GUI program which helps pentesters do target discovery, vulnerability scan and exploitation

EasyPen Alpha 1.0.5 Do not use EasyPen for illegal purposes, this tool is for research only 查看中文 EasyPen is a GUI program which helps pentesters do ta

Dec 25, 2022

Grupprojekt för kurserna 'Javascript med Ramverk' och 'Agil Utveckling'

JavaScript-med-Ramverk-Laboration-3 Grupprojektet för kurserna Javascript med Ramverk och Agil Utveckling. Utvecklingsguide För information om hur utv

May 18, 2022

Hemsida för personer i Sverige som kan och vill erbjuda boende till människor på flykt

Getting Started with Create React App This project was bootstrapped with Create React App. Available Scripts In the project directory, you can run: np

May 3, 2022

Kurs-repo för kursen Webbserver och Databaser

Webbserver och databaser This repository is meant for CME students to access exercises and codealongs that happen throughout the course. I hope you wi

Jan 3, 2023

Use Cloudflare Gateway DNS/VPN to block ads, malware and tracking domains - free alternative to NextDNS, Pi-hole and Adguard

Use Cloudflare Gateway DNS/VPN to block ads, malware and tracking domains - free alternative to NextDNS, Pi-hole and Adguard

Cloudflare Gateway Pi-hole Scripts (CGPS) Cloudflare Gateway allows you to create custom rules to filter HTTP, DNS, and network traffic based on your

Aug 13, 2023

BotsApp is an optimized and easy-to-use WhatsApp UserBot written in Node.js

BotsApp is an optimized and easy-to-use WhatsApp UserBot written in Node.js

💠 BotsApp 💠 Your Personal Assisstant, on WhatsApp! BotsApp is an optimized and easy-to-use WhatsApp UserBot written in Node.js. Utilize your persona

Jan 1, 2023

Lavalink client with lots of extra functionality, easy to use and well optimized.

📘 nSysLava Lavalink client with lots of extra functionality, easy to use and well optimized! พัฒนาโดยคนไทย 😳 Many utility functions - มีฟังก์ชันอรรถ

Apr 12, 2022

A fast and optimized middleware server with an absurdly small amount of code (300 lines) built on top of Deno's native HTTP APIs

A fast and optimized middleware server with an absurdly small amount of code (300 lines) built on top of Deno's native HTTP APIs with no dependencies. It also has a collection of useful middlewares: log file, serve static, CORS, session, rate limit, token, body parsers, redirect, proxy and handle upload. In "README" there are examples of all the resources. Faster's ideology is: all you need is an optimized middleware manager, all other functionality is middleware.

Dec 28, 2022

Cloudflare DDNS (Dynamic DNS) support for UniFi OS

Cloudflare DDNS for UniFi OS A Cloudflare Worker script that exposes a UniFi-compatible DDNS API to dynamically update the IP address of a DNS A recor

Jan 1, 2023

DNS-Blocklists: For a better internet - keep the internet clean!

DNS-Blocklists: For a better internet - keep the internet clean!

DNS Blocklists - For a better internet! Multi - Cleans the Internet and protects your privacy! An all in one blocklist based on the OISD blocklist, ba

Jan 2, 2023

A (multi) DNS-over-HTTPS resolver for Node.js

doh-resolver A DNS-over-HTTPS resolver for Node.js. Install $ npm install doh-resolver --save Usage It can be used as dns.resolve4 and/or dns.resolve6

Jul 20, 2022

Mag🔥Lit - A super fast and easy-to-use free and open source private encrypted Magnet/HTTP(s) Link Shortener

Mag🔥Lit - A super fast and easy-to-use free and open source private encrypted Magnet/HTTP(s) Link Shortener

Mag 🔥 Lit Mag 🔥 Lit - A super fast and easy-to-use free and open source private encrypted Magnet/HTTP(s) Link Shortener https://maglit.ml Features ✅

Jan 8, 2023

📡Usagi-http-interaction: A library for interacting with Http Interaction API

📡 - A library for interacting with Http Interaction API (API for receiving interactions.)

Oct 24, 2022
Comments
  • updates & bug fix

    updates & bug fix

    1. 在入口处显示自己的子域名,这样就不用去Config里面找了,可以直接上手使用平台: image
    2. 增加Payloads大全功能,自动生成对应子域名的Payloads,快速使用: image
    3. 修复多个请求命中查询处超链接没有正常显示;
    4. 设置Django的Debug默认处于关闭模式;
    5. 修改deploy.sh文件,添加适用于中国内地的python镜像,以便于pyenv快速编译。
    opened by rtcatc 1
  • weblog功能不生效

    weblog功能不生效

    使用eyes.sh和自己搭建的都一样 发送post

    curl  6ux5rl5z.eyes.sh -X POST -d "123123"
curl: (6) Could not resolve host: 6ux5rl5z.eyes.sh

    只有dnslog有记录,weblog没有显示

    opened by okoling 7
Owner
Just For Fun
null
GitHub
A Secure Web Proxy. Which is fast, secure, and easy to use.

Socratex A Secure Web Proxy. Which is fast, secure, and easy to use. This project is under active development. Everything may change soon. Socratex ex

Leask Wong 222 Dec 28, 2022
📡 Encrypt and authenticate DevTools to use it securely remotely. Add HTTPS, and authentication to --remote-debugging-port to debug, inspect and automate from anywhere and collaborate securely on bugs.

?? Encrypt and authenticate DevTools to use it securely remotely. Add HTTPS, and authentication to --remote-debugging-port to debug, inspect and automate from anywhere and collaborate securely on bugs.

Cris 9 May 5, 2022
Security tool used to take quick action against newly-discovered vulnerabilities in the blockchain.

SolidGuard is a Blockchain Security tool catered towards organizations who manages decentralized applications on the Ethereum blockchain. It is an attack database for documenting all major hacks that happened in the blockchain, and is also used to notify or pause decentralized applications affected by the attacks published in the database.

Team SolidGuard 3 Mar 28, 2022
Use AES-256-GCM + Scrypt to encrypt files

Use AES-256-GCM + Scrypt to encrypt files

Paul Miller 3 Jun 21, 2022
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

DOMPurify DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's also very simple to use and get started with

Cure53 10.2k Jan 7, 2023
Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis. Built on htmlparser2 for speed and tolerance

sanitize-html sanitize-html provides a simple HTML sanitizer with a clear API. sanitize-html is tolerant. It is well suited for cleaning up HTML fragm

Apostrophe Technologies 3.2k Dec 26, 2022
AnonCrypt ciphers and diciphers your messages or strings which makes you send texts to people without them understanding it.

AnonCrypt ciphers and diciphers your messages or strings which makes you send texts to people without them understanding it. Anoncrypt uses Aes192 cipher encryption type and not Hmac.

AnonyminHack5 11 Oct 23, 2022
A WebApp that allows you to follow Cryptos' News and Stats

CryptoWatch A WebApp that allows you to follow Cryptos' News and Stats. Table of Contents About The Project Screenshots Built With Getting Started Pre

null 28 Aug 4, 2022
Smart contracts for governance. Contract allows to bond custom/LP UNI-v2 tokens and get voting power

Smart contracts for governance. Contract allows to bond custom/LP UNI-v2 tokens and get voting power

Rinat Fihtengolts 3 Oct 2, 2022
A full stack digital marketplace running on Ethereum, built with Polygon, Next.js, Tailwind, Solidity, Hardhat, Ethers.js, and IPFS

A full stack digital marketplace running on Ethereum, built with Polygon, Next.js, Tailwind, Solidity, Hardhat, Ethers.js, and IPFS

Christotle Agholor 32 Dec 27, 2022