1. AWVS Overview

AWVS (Acunetix Web Vulnerability Scanner) is a commercial web application security scanner developed by Acunetix. It is one of the best-known web vulnerability scanners and is widely used in enterprise security testing and penetration testing.

Main features:

  1. Automated vulnerability scanning
    • Detects SQL injection, XSS, CSRF and the other OWASP Top 10 vulnerability classes
    • Advertises checks for 7000+ web application vulnerabilities
  2. Broad scan coverage
    • Scans classic web applications, single-page applications (SPA) and web services (APIs)
    • Handles JavaScript, HTML5 and other modern web technologies
  3. Advanced crawler
    • Deep content analysis engine
    • Crawls AJAX-heavy and complex Web 2.0 applications
  4. Integration
    • Integrates with CI/CD pipelines
    • Exposes a REST API for automation
    • Integrates with mainstream issue trackers

2. Adding Scan Tasks for Multiple Targets

The scanner's web UI offers no convenient way to add scan targets in bulk. The script below works around that by driving the AWVS REST API (the same API the web UI uses, on port 3443 by default). It takes three options:

-u   add a single target and start a scan for it
-f   add a target and start a scan for every URL in a file (one URL per line)
-d   delete all targets and all scan tasks

python3 1.py -u "https://www.baidu.com"
python3 1.py -f url.txt
python3 1.py -d


3. Tool Script

import argparse
import hashlib
import json
import sys

import requests
import urllib3

username = 'xxxxx'
password = 'xxxxx'
awvs_url = 'https://xxxxx:3443/'


class Awvs():
    def __init__(self, awvs_url, username, password):
        # keep exactly one trailing slash so the relative API paths below join cleanly
        self.awvs_url = awvs_url.rstrip('/') + '/'
        self.headers = {
            'Content-Type': 'application/json;charset=UTF-8',
        }
        # the login API expects the hex SHA-256 digest of the password, not the plaintext
        password = hashlib.sha256(password.encode()).hexdigest()
        info = {
            "email": username,
            "password": password,
            "remember_me": "false",
            "logout_previous": "true"
        }
        info = json.dumps(info)
        # the console normally runs with a self-signed certificate, so certificate
        # verification is disabled (verify=False) and the resulting warning silenced
        urllib3.disable_warnings()
        r = requests.session()
        try:
            resp = r.post(self.awvs_url + 'api/v1/me/login', data=info, verify=False, headers=self.headers)
            X_Auth = resp.headers['X-Auth']
        except (requests.RequestException, KeyError) as e:
            sys.exit('awvs login failed: %s' % e)
        # every later request is authenticated with the X-Auth session token
        self.headers['X-Auth'] = X_Auth
        self.awvs = r

    def addTarget(self, target_url):
        info = {
            "address": target_url,
            "description": '',
            'criticality': "10"
        }
        info = json.dumps(info)
        ret = self.awvs.post(self.awvs_url + 'api/v1/targets', data=info, verify=False, headers=self.headers).text
        ret = json.loads(ret)
        return ret['target_id']

    def scanTarget(self, target_id):
        # profile_id 11111111-1111-1111-1111-111111111111 is the built-in "Full Scan" profile;
        # ui_session_id is the value the author captured from the web UI
        info = {
            "target_id": target_id,
            "profile_id": "11111111-1111-1111-1111-111111111111",
            "schedule": {"disable": False, "start_date": None, "time_sensitive": False},
            "ui_session_id": "81ae275a0a97d1a09880801a533a0ff1"
        }
        info = json.dumps(info)
        self.awvs.post(self.awvs_url + 'api/v1/scans', data=info, verify=False, headers=self.headers)

    def getScanList(self):
        # l=100 caps the listing at 100 entries; instances with more scans need paging
        scan_list = self.awvs.get(self.awvs_url + 'api/v1/scans?l=100', verify=False, headers=self.headers).text
        scan_list = json.loads(scan_list)
        return [i['scan_id'] for i in scan_list['scans']]

    def getTargetList(self):
        target_list = self.awvs.get(self.awvs_url + 'api/v1/targets?l=100', verify=False, headers=self.headers).text
        target_list = json.loads(target_list)
        return [i['target_id'] for i in target_list['targets']]

    def delTarget(self, target_id):
        self.awvs.delete(self.awvs_url + 'api/v1/targets/' + target_id, verify=False, headers=self.headers)

    def delScan(self, scan_id):
        self.awvs.delete(self.awvs_url + 'api/v1/scans/' + scan_id, verify=False, headers=self.headers)


if __name__ == "__main__":
    parser = argparse.ArgumentParser()
    parser.add_argument('-u', help='add and scan a single URL')
    parser.add_argument('-f', help='add and scan every URL listed in a file, one per line')
    parser.add_argument('-d', action='store_true', help='delete all targets and scans')
    args = parser.parse_args()
    # log in only after the arguments are parsed, so -h does not hit the console
    awvs = Awvs(awvs_url, username, password)
    if args.u:
        target_id = awvs.addTarget(args.u)
        awvs.scanTarget(target_id)
        print('starting scan ' + args.u)
    if args.f:
        with open(args.f) as f:
            for line in f:
                url = line.strip()
                if not url:
                    continue  # skip blank lines instead of creating an empty target
                target_id = awvs.addTarget(url)
                awvs.scanTarget(target_id)
                print('starting scan ' + url)
    if args.d:
        # remove the scans first, then the targets they belong to
        for i in awvs.getScanList():
            awvs.delScan(i)
        for i in awvs.getTargetList():
            awvs.delTarget(i)
        print('all delete success')
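The script above sends whatever is in url.txt straight to the API and can only be exercised against a live console. The following is an added example, not the page's script: it factors the same flow (log in with the SHA-256-hashed password, receive the X-Auth token, create a target, start a Full Scan for it) behind a pluggable transport, validates and de-duplicates the URL list first, and ships with a constructed FakeAwvs so the whole thing runs offline. The fake's response bodies are an assumption modelled on the fields the page's script reads (target_id, scan_id), not on a real capture; the login status code and the profile id are the ones the page uses.

```python
import hashlib
import json
import uuid
from urllib.parse import urlsplit

# Built-in "Full Scan" profile id, as used by the page's script.
FULL_SCAN_PROFILE = "11111111-1111-1111-1111-111111111111"


def load_targets(text):
    """Parse a url.txt-style list: strip whitespace, skip blanks and '#' comments,
    reject anything that is not an absolute http(s) URL, and drop duplicates."""
    seen, targets = set(), []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith('#'):
            continue
        parts = urlsplit(line)
        if parts.scheme not in ('http', 'https') or not parts.netloc:
            raise ValueError('not an absolute http(s) URL: %r' % line)
        if line not in seen:
            seen.add(line)
            targets.append(line)
    return targets


def login_body(email, password):
    """The login API takes the hex SHA-256 of the password, never the plaintext."""
    return {"email": email,
            "password": hashlib.sha256(password.encode()).hexdigest(),
            "remember_me": "false", "logout_previous": "true"}


class AwvsBatch:
    """Drives the three API calls the page's script makes through any transport
    object exposing post(path, body_dict, headers) -> (status, headers, body_dict)."""

    def __init__(self, transport, email, password):
        self.t = transport
        base = {'Content-Type': 'application/json;charset=UTF-8'}
        _, hdrs, _ = self.t.post('api/v1/me/login', login_body(email, password), base)
        if 'X-Auth' not in hdrs:
            raise RuntimeError('AWVS login failed: no X-Auth token returned')
        # every later call carries the session token in the X-Auth header
        self.headers = dict(base, **{'X-Auth': hdrs['X-Auth']})

    def add_target(self, url, criticality=10):
        body = {"address": url, "description": "", "criticality": criticality}
        status, _, data = self.t.post('api/v1/targets', body, self.headers)
        if status != 201:
            raise RuntimeError('add target %s failed: HTTP %s' % (url, status))
        return data['target_id']

    def start_scan(self, target_id, profile_id=FULL_SCAN_PROFILE):
        body = {"target_id": target_id, "profile_id": profile_id,
                "schedule": {"disable": False, "start_date": None, "time_sensitive": False}}
        status, _, data = self.t.post('api/v1/scans', body, self.headers)
        if status != 201:
            raise RuntimeError('start scan for %s failed: HTTP %s' % (target_id, status))
        return data['scan_id']


def run_batch(transport, email, password, url_list_text):
    """Log in once, then add and scan every valid unique URL; returns (url, target_id, scan_id)."""
    api = AwvsBatch(transport, email, password)
    out = []
    for url in load_targets(url_list_text):
        tid = api.add_target(url)
        out.append((url, tid, api.start_scan(tid)))
    return out


class FakeAwvs:
    """Constructed stand-in for the console (assumption: only the fields the page's
    script reads are modelled). It checks the hashed credentials and the X-Auth token."""

    def __init__(self, email, password):
        self.email = email
        self.digest = hashlib.sha256(password.encode()).hexdigest()
        self.token = uuid.uuid4().hex
        self.targets, self.scans = {}, {}

    def post(self, path, body, headers):
        body = json.loads(json.dumps(body))  # round-trip through JSON, as the wire would
        if path == 'api/v1/me/login':
            ok = body.get('email') == self.email and body.get('password') == self.digest
            return (204, {'X-Auth': self.token} if ok else {}, {})
        if headers.get('X-Auth') != self.token:
            return (401, {}, {"message": "Unauthorized"})
        if path == 'api/v1/targets':
            tid = str(uuid.uuid4())
            self.targets[tid] = body['address']
            return (201, {}, {"target_id": tid, "address": body['address']})
        if path == 'api/v1/scans' and body['target_id'] in self.targets:
            sid = str(uuid.uuid4())
            self.scans[sid] = body['target_id']
            return (201, {}, {"scan_id": sid})
        return (404, {}, {"message": "Not found"})


# Constructed sample url.txt content: a comment, a blank line and a duplicate are all handled.
SAMPLE_URL_LIST = """https://app.example/
# staging, scanned with the same profile
http://staging.example:8080/app

https://app.example/
"""

if __name__ == '__main__':
    fake = FakeAwvs('admin@example.com', 'secret')
    for url, tid, sid in run_batch(fake, 'admin@example.com', 'secret', SAMPLE_URL_LIST):
        print('starting scan %s (target %s, scan %s)' % (url, tid, sid))
```

Swapping FakeAwvs for a thin wrapper around requests.Session that prefixes awvs_url and uses verify=False is all that is needed to run the same flow against a real console; because the transport is injected, the URL-list parsing and the login/target/scan sequencing can be tested without one.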