Kamfanin Cloudflare game da buɗe lambar tushe na aikin , wanda ke bincikar runduna a kan hanyar sadarwa don raunin da ba a fashe ba. Flan Scan ƙari ne zuwa na'urar daukar hotan tsaro ta hanyar sadarwa , Juya na ƙarshe ya zama cikakken kayan aiki na kayan aiki don gano ma'aikata masu rauni a cikin manyan cibiyoyin sadarwa. An rubuta lambar aikin a cikin Python da ƙarƙashin lasisin BSD.
Flan Scan yana sauƙaƙa nemo buɗaɗɗen tashoshin sadarwa na hanyar sadarwa akan hanyar sadarwar da ake bincike, tantance ayyukan da ke da alaƙa da su da nau'ikan shirye-shiryen da aka yi amfani da su, da kuma haifar da jerin lahani waɗanda ke shafar ayyukan da aka gano. Bayan kammala aikin, ana samar da rahoto da ke taƙaita matsalolin da aka gano da kuma jera abubuwan gano CVE da ke da alaƙa da raunin da aka gano, an jera su da tsanani.
Don tantance raunin da ya shafi ayyuka, ana amfani da rubutun da aka kawo tare da nmap (ana iya sauke wani sabon sigar kwanan nan daga ), shiga cikin database . Ana iya samun irin wannan sakamako tare da umarnin:
nmap -sV -oX /shared/xml_files -oN — -v1 —script=scripts/vulners.nse ip-address
"-sV" yana fara yanayin sikanin sabis, "-oX" yana ƙayyadad da kundin adireshin rahoton XML, "-oN" yana saita yanayin al'ada don fitar da sakamako zuwa na'ura mai kwakwalwa, -v1 yana saita matakin dalla-dalla na fitarwa, "--script" yana nufin zuwa rubutun vulners.nse don kwatanta ayyukan da aka gano tare da sanannun lahani.
Ayyukan da Flan Scan ke yi an rage su ne don sauƙaƙa tura tsarin sikanin rauni na tushen nmap a cikin manyan cibiyoyin sadarwa da wuraren girgije. Ana ba da rubutun don tura keɓaɓɓen akwati Docker ko Kubernetes don gudanar da aikin tabbatarwa a cikin gajimare da tura sakamakon zuwa Google Cloud Storage ko Amazon S3. Dangane da ingantaccen rahoton XML wanda nmap ya samar, Flan Scan yana samar da rahoto mai sauƙin karantawa a cikin tsarin LaTeX wanda za'a iya canzawa zuwa PDF.
source: budenet.ru