InsectsAwake 漏洞扫描系统详细教学文档<\/h1>

一、系统概述<\/h2>
InsectsAwake 是一个基于 Python 开发的著名开源漏洞扫描系统，启蒙于 Bugscan，脱胎于 Pocsuite。系统采用 FLASK+MongoDB 架构提供 WEB 服务，具备 PoC 的健壮性。<\/p>

主要功能<\/h3>

漏洞扫描<\/strong>：调用创宇的 Pocsuite 进行扫描，使用 Seebug 的免费 PoC<\/li>
资产管理<\/strong>：创建漏洞扫描任务，支持单个 IP 或 URL<\/li>
端口发现<\/strong>：定时调用 nmap 进行端口扫描<\/li>

域名发现<\/strong>：子域名爆破功能（目前功能尚不完善）<\/li> <\/ol>
二、系统安装<\/h2>
环境准备<\/h3>

操作系统：Ubuntu 16.04<\/li>
更新国内源（推荐清华源）<\/li> <\/ul>
安装步骤<\/h3>

获取项目源码<\/strong><\/p>
git clone https:\/\/github.com\/jeffzh3ng\/InsectsAwake.git <\/span><\/span><\/code><\/pre><\/li> 安装 Python 及 pip<\/strong><\/p> sudo apt update <\/span><\/span>sudo apt install python python-pip <\/span><\/span><\/code><\/pre><\/li> 安装 MongoDB 企业版<\/strong><\/p> sudo apt-key adv --keyserver hkp:\/\/keyserver.ubuntu.com:80 --recv 2930ADAE8CAF5059EE73BB4B58712A2291FA4AD5 <\/span><\/span>echo "deb [ arch=amd64,arm64,ppc64el,s390x ] http:\/\/repo.mongodb.com\/apt\/ubuntu xenial\/mongodb-enterprise\/3.6 multiverse"<\/span> | sudo tee \/etc\/apt\/sources.list.d\/mongodb-enterprise.list <\/span><\/span>sudo apt-get update <\/span><\/span>sudo apt-get install -y mongodb-enterprise <\/span><\/span><\/code><\/pre> 注意：必须安装 MongoDB 企业版，普通版无法支持系统运行<\/p> <\/blockquote> <\/li> 安装 Python 依赖包<\/strong><\/p> cd InsectsAwake <\/span><\/span>sudo pip install pip -U <\/span><\/span>sudo pip install -r requirements.txt <\/span><\/span><\/code><\/pre><\/li> 安装 nmap<\/strong><\/p> sudo apt install nmap <\/span><\/span><\/code><\/pre><\/li> <\/ol> 数据库配置<\/h3> 启动数据库服务<\/strong><\/p> sudo mkdir -p \/data\/db <\/span><\/span>sudo service mongod start <\/span><\/span>mongo --host 127.0.0.1:27017 <\/span><\/span><\/code><\/pre><\/li> 创建数据库用户<\/strong><\/p> use InsectsAwake db.createUser({ user:'your_username', pwd:'your_password', roles:[{role:'dbOwner',db:'InsectsAwake'}] }) exit <\/code><\/pre> <\/li> <\/ol> 系统配置<\/h3> 修改配置文件 InsectsAwake-Project\/instance\/config.py<\/code>：<\/p> class<\/span> Config<\/span>(): <\/span><\/span> WEB_USER =<\/span> 'admin'<\/span> # 扫描器登录用户<\/span> <\/span><\/span> WEB_PASSWORD =<\/span> 'whoami'<\/span> # 扫描器登录密码<\/span> <\/span><\/span> WEB_HOST =<\/span> '127.0.0.1'<\/span> # 本地访问<\/span> <\/span><\/span> WEB_PORT =<\/span> 5000<\/span> # Web服务端口<\/span> <\/span><\/span> POCSUITE_PATH =<\/span> basedir +<\/span> '\/..\/InsectsAwake\/views\/modules\/scanner\/pocsuite_plugin\/'<\/span> <\/span><\/span> <\/span><\/span>class<\/span> ProductionConfig<\/span>(Config): <\/span><\/span> DB_HOST =<\/span> '127.0.0.1'<\/span> # 数据库地址<\/span> <\/span><\/span> DB_PORT =<\/span> 27017<\/span> # 数据库端口<\/span> <\/span><\/span> DB_USERNAME =<\/span> 'testuser'<\/span> # 数据库用户<\/span> <\/span><\/span> DB_PASSWORD =<\/span> 'testpwd'<\/span> # 数据库密码<\/span> <\/span><\/span> DB_NAME =<\/span> 'test'<\/span> # 数据库名<\/span> <\/span><\/span> <\/span><\/span> # 数据库集合名<\/span> <\/span><\/span> PLUGIN_DB =<\/span> 'test_plugin_info'<\/span> <\/span><\/span> TASKS_DB =<\/span> 'test_tasks'<\/span> <\/span><\/span> VULNERABILITY_DB =<\/span> 'test_vuldb'<\/span> <\/span><\/span> ASSET_DB =<\/span> 'test_asset'<\/span> <\/span><\/span> CONFIG_DB =<\/span> 'test_config'<\/span> <\/span><\/span> SERVER_DB =<\/span> 'test_server'<\/span> <\/span><\/span> SUBDOMAIN_DB =<\/span> 'test_subdomain'<\/span> <\/span><\/span> DOMAIN_DB =<\/span> 'test_domain'<\/span> <\/span><\/span> WEEKPASSWD_DB =<\/span> 'test_weekpasswd'<\/span> <\/span><\/span><\/code><\/pre>初始化数据库<\/h3> cd \/InsectsAwake\/migration <\/span><\/span>python start.py <\/span><\/span><\/code><\/pre>运行系统<\/h3> sudo .\/run.sh restart <\/span><\/span><\/code><\/pre> 注意：系统默认运行在 127.0.0.1:5000，如需外网访问，建议配置 Nginx 或 Caddy 反向代理<\/p> <\/blockquote> 三、系统架构分析<\/h2> 项目结构<\/h3> InsectsAwake\/ ├── app.py # Flask 主程序 ├── __init__.py ├── static\/ # 网页静态文件 ├── templates\/ # 网页HTML模板 ├── views\/ │ ├── asset_management.py # 资产管理处理 │ ├── authenticate.py # 网页认证 │ ├── dashboard.py # 仪表盘 │ ├── index.py # 主页 │ ├── lib\/ │ │ ├── __init__.py │ │ └── mongo_db.py # MongoDB 数据库管理 │ ├── modules\/ │ │ ├── discovery\/ # 资产发现模块 │ │ │ ├── __init__.py │ │ │ └── port_scanner.py # 端口扫描 │ │ ├── scanner\/ # 漏洞扫描模块 │ │ │ ├── __init__.py │ │ │ ├── pocsuite_plugin\/ # PoC插件存放 │ │ │ ├── pocsuite_scanner.py # Pocsuite调用 │ │ │ └── vulnerability_plugin.py # PoC插件管理 │ │ ├── subdomain\/ # 子域名爆破 │ │ │ ├── __init__.py │ │ │ └── subdomain.py │ │ └── week_passwd\/ # 弱口令检测 │ │ ├── __init__.py │ │ └── week_http_passwd_test.py │ ├── plugin_management.py # PoC插件管理 │ ├── settings.py # 平台参数设置 │ ├── subdomain_brute.py # 子域名爆破 │ ├── task_management.py # 任务管理 │ ├── vulnerability_management.py # 漏洞管理 │ └── weak_passwd_test.py # 弱口令管理 ├── instance\/ │ ├── config.py # 配置文件 │ └── __init__.py ├── LICENSE ├── logs\/ │ ├── db.log │ └── log.log ├── migration\/ │ ├── DataModels │ └── start.py # 数据库初始化 ├── requirements.txt ├── run.sh # 启动脚本 └── tests\/ └── domain.dict # 子域名字典 <\/code><\/pre> 主程序流程<\/h3> 系统启动时会开启四个线程分别执行不同模块：<\/p> def<\/span> scanner<\/span>(): <\/span><\/span> """漏洞扫描模块"""<\/span> <\/span><\/span> config_db =<\/span> db_name_conf()['config_db'<\/span>] <\/span><\/span> scanner_time =<\/span> int(connectiondb(config_db).<\/span>find_one()['scanner_time'<\/span>]) <\/span><\/span> print('Scanner is start...'<\/span>) <\/span><\/span> scanner_loop_execute(scanner_time) <\/span><\/span> <\/span><\/span>def<\/span> manage<\/span>(): <\/span><\/span> """Flask WEB服务"""<\/span> <\/span><\/span> app.<\/span>run(host=<\/span>flask_app.<\/span>config.<\/span>get('WEB_HOST'<\/span>), <\/span><\/span> port=<\/span>flask_app.<\/span>config.<\/span>get('WEB_PORT'<\/span>)) <\/span><\/span> <\/span><\/span>def<\/span> discovery<\/span>(): <\/span><\/span> """资产发现模块"""<\/span> <\/span><\/span> print('Discovery is start...'<\/span>) <\/span><\/span> scheduler =<\/span> BlockingScheduler() <\/span><\/span> try<\/span>: <\/span><\/span> # 每天14:47执行端口扫描<\/span> <\/span><\/span> scheduler.<\/span>add_job(MultiProcess().<\/span>start_port_scan, 'cron'<\/span>, <\/span><\/span> day=<\/span>'1-31'<\/span>, hour=<\/span>14<\/span>, minute=<\/span>47<\/span>) <\/span><\/span> scheduler.<\/span>start() <\/span><\/span> except<\/span> Exception<\/span> as<\/span> e: <\/span><\/span> print(e) <\/span><\/span> <\/span><\/span>def<\/span> subdomain<\/span>(): <\/span><\/span> """子域名爆破模块"""<\/span> <\/span><\/span> scanner_time =<\/span> 30<\/span> <\/span><\/span> print('Subdomain is start...'<\/span>) <\/span><\/span> subdomain_loop_execute(scanner_time) <\/span><\/span> <\/span><\/span>if<\/span> __name__ ==<\/span> "__main__"<\/span>: <\/span><\/span> # 开启四个线程执行不同模块<\/span> <\/span><\/span> t1 =<\/span> threading.<\/span>Thread(target=<\/span>scanner, args=<\/span>()) <\/span><\/span> t2 =<\/span> threading.<\/span>Thread(target=<\/span>manage, args=<\/span>()) <\/span><\/span> t3 =<\/span> threading.<\/span>Thread(target=<\/span>subdomain, args=<\/span>()) <\/span><\/span> t4 =<\/span> threading.<\/span>Thread(target=<\/span>discovery, args=<\/span>()) <\/span><\/span> t1.<\/span>start() <\/span><\/span> t2.<\/span>start() <\/span><\/span> t3.<\/span>start() <\/span><\/span> t4.<\/span>start() <\/span><\/span> t1.<\/span>join() <\/span><\/span> t2.<\/span>join() <\/span><\/span> t3.<\/span>join() <\/span><\/span> t4.<\/span>join() <\/span><\/span><\/code><\/pre>四、核心模块详解<\/h2> 1. 子域名爆破模块<\/h3> 工作流程<\/h4> Flask 负责将前端接受的子域名破解信息存储到数据库<\/li> 核心子域名破解程序定时检查数据库配置<\/li> 满足条件时执行暴力破解，结果存入数据库<\/li> <\/ul> 关键代码分析<\/h4> class<\/span> DomainsBrute<\/span>: <\/span><\/span> def<\/span> __init__(self, target_domain, subdomain_dict, domain_id, domain_name): <\/span><\/span> """初始化爆破参数"""<\/span> <\/span><\/span> <\/span><\/span> def<\/span> resolver_check<\/span>(self): <\/span><\/span> """检查域名解析"""<\/span> <\/span><\/span> <\/span><\/span> def<\/span> handle_domain<\/span>(self): <\/span><\/span> """生成二级\/三级域名列表"""<\/span> <\/span><\/span> <\/span><\/span> def<\/span> handle_result<\/span>(self): <\/span><\/span> """处理扫描结果并存入数据库"""<\/span> <\/span><\/span> <\/span><\/span> def<\/span> save_db<\/span>(self, result): <\/span><\/span> """将结果存入test_subdomain集合"""<\/span> <\/span><\/span> <\/span><\/span> def<\/span> run_multi<\/span>(self): <\/span><\/span> """多进程解析域名"""<\/span> <\/span><\/span> self.<\/span>handle_domain() # 生成子域名字典<\/span> <\/span><\/span> scanner_pool =<\/span> multiprocessing.<\/span>Pool(processes=<\/span>100<\/span>) # 100个进程池<\/span> <\/span><\/span> self.<\/span>result =<\/span> scanner_pool.<\/span>map(ha_resolver_domain, self.<\/span>domain_list) <\/span><\/span> scanner_pool.<\/span>close() <\/span><\/span> scanner_pool.<\/span>join() <\/span><\/span> self.<\/span>handle_result() <\/span><\/span> <\/span><\/span>def<\/span> ha_resolver_domain<\/span>(domain): <\/span><\/span> """解析单个域名"""<\/span> <\/span><\/span> <\/span><\/span>def<\/span> start_brute<\/span>(inc_time): <\/span><\/span> """定时任务入口"""<\/span> <\/span><\/span> schedule.<\/span>enter(inc_time, 1<\/span>, start_brute, (inc_time,)) <\/span><\/span> # 从数据库获取配置<\/span> <\/span><\/span> subdomain_list =<\/span> connectiondb(config_db).<\/span>find_one()['subdomain'<\/span>] <\/span><\/span> for<\/span> domain_text in<\/span> connectiondb(domain_db).<\/span>find(): <\/span><\/span> if<\/span> domain_text['scan_status'<\/span>] ==<\/span> "Preparation"<\/span>: <\/span><\/span> domain_list =<\/span> domain_text['domain_text'<\/span>] <\/span><\/span> domain_id =<\/span> domain_text['_id'<\/span>] <\/span><\/span> domain_name =<\/span> domain_text['domain_name'<\/span>] <\/span><\/span> # 更新状态为Running<\/span> <\/span><\/span> connectiondb(domain_db).<\/span>update_one( <\/span><\/span> {'_id'<\/span>: ObjectId(domain_id)}, <\/span><\/span> {'$set'<\/span>: {'scan_status'<\/span>: 'Running'<\/span>}}) <\/span><\/span> <\/span><\/span> # 执行爆破<\/span> <\/span><\/span> for<\/span> target in<\/span> domain_list: <\/span><\/span> start =<\/span> DomainsBrute(target, subdomain_list, domain_id, domain_name) <\/span><\/span> start.<\/span>run_multi() <\/span><\/span> <\/span><\/span> # 三级域名扫描<\/span> <\/span><\/span> if<\/span> domain_text['scan_option'<\/span>] ==<\/span> "Enable"<\/span>: <\/span><\/span> for<\/span> result in<\/span> connectiondb(subdomain_db).<\/span>find( <\/span><\/span> {'domain_id'<\/span>: ObjectId(domain_id)}): <\/span><\/span> next_subdomain =<\/span> eval(result['result'<\/span>]).<\/span>keys()[0<\/span>] <\/span><\/span> start =<\/span> DomainsBrute(next_subdomain, subdomain_list, <\/span><\/span> domain_id, domain_name) <\/span><\/span> start.<\/span>run_multi() <\/span><\/span> <\/span><\/span> # 更新状态为Done<\/span> <\/span><\/span> connectiondb(domain_db).<\/span>update_one( <\/span><\/span> {'_id'<\/span>: ObjectId(domain_id)}, <\/span><\/span> {'$set'<\/span>: {'scan_status'<\/span>: 'Done'<\/span>}}) <\/span><\/span> <\/span><\/span>def<\/span> subdomain_loop_execute<\/span>(inc): <\/span><\/span> """循环执行入口"""<\/span> <\/span><\/span> schedule.<\/span>enter(inc, 0<\/span>, start_brute, (inc,)) <\/span><\/span> schedule.<\/span>run() <\/span><\/span><\/code><\/pre>2. 端口扫描模块<\/h3> 工作流程<\/h4> 使用 APScheduler 定时任务框架<\/li> 每天14:47自动执行端口扫描<\/li> 使用 nmap 进行扫描<\/li> <\/ul> 关键代码分析<\/h4> def<\/span> nmap_scanner<\/span>(target_host): <\/span><\/span> """使用nmap扫描目标端口"""<\/span> <\/span><\/span> <\/span><\/span>class<\/span> MultiProcess<\/span>: <\/span><\/span> def<\/span> __init__(self): <\/span><\/span> self.<\/span>target_list =<\/span> [] <\/span><\/span> self.<\/span>server_db =<\/span> db_name_conf()['server_db'<\/span>] <\/span><\/span> self.<\/span>asset_db =<\/span> db_name_conf()['asset_db'<\/span>] <\/span><\/span> self.<\/span>processes_count =<\/span> int(connectiondb(config_db).<\/span>find_one()['port_thread'<\/span>]) <\/span><\/span> self.<\/span>asset_id =<\/span> ''<\/span> <\/span><\/span> self.<\/span>asset_name =<\/span> ''<\/span> <\/span><\/span> <\/span><\/span> def<\/span> scan_pool<\/span>(self): <\/span><\/span> """多进程端口扫描"""<\/span> <\/span><\/span> <\/span><\/span> def<\/span> start_port_scan<\/span>(self): <\/span><\/span> """从数据库获取目标并执行扫描"""<\/span> <\/span><\/span> for<\/span> asset_text in<\/span> connectiondb(self.<\/span>asset_db).<\/span>find(): <\/span><\/span> if<\/span> asset_text['scan_option'<\/span>] ==<\/span> "Enable"<\/span>: <\/span><\/span> self.<\/span>asset_id =<\/span> asset_text['_id'<\/span>] <\/span><\/span> self.<\/span>asset_name =<\/span> asset_text['asset_name'<\/span>] <\/span><\/span> self.<\/span>target_list =<\/span> asset_text['asset_text'<\/span>] <\/span><\/span> self.<\/span>scan_pool() <\/span><\/span><\/code><\/pre>3. 漏洞扫描模块<\/h3> 注意事项<\/h4> 使用 Pocsuite 2.0.4 版本<\/li> 新版 Pocsuite 可能导致兼容性问题<\/li> 需要手动修复 password.py 文件<\/li> <\/ul> 修复方法<\/h4> 修改 pocsuite\/lib\/utils\/password.py<\/code>：<\/p> def<\/span> genPassword<\/span>(length=<\/span>8<\/span>, chars=<\/span>string.<\/span>letters +<\/span> string.<\/span>digits): <\/span><\/span> return<\/span> ""<\/span>.<\/span>join([choice(chars) for<\/span> _ in<\/span> range(length)]) <\/span><\/span><\/code><\/pre>关键代码分析<\/h4> def<\/span> verify_poc<\/span>(self, target): <\/span><\/span> """PoC验证函数"""<\/span> <\/span><\/span> <\/span><\/span>def<\/span> start_scan<\/span>(self): <\/span><\/span> """多线程漏洞扫描"""<\/span> <\/span><\/span> <\/span><\/span>def<\/span> periodic_tasks<\/span>(self): <\/span><\/span> """周期性扫描任务"""<\/span> <\/span><\/span> while<\/span> True<\/span>: <\/span><\/span> for<\/span> task_text in<\/span> connectiondb(tasks_db).<\/span>find(): <\/span><\/span> if<\/span> task_text['task_status'<\/span>] ==<\/span> "Preparation"<\/span>: <\/span><\/span> # 更新状态为Running<\/span> <\/span><\/span> connectiondb(tasks_db).<\/span>update_one( <\/span><\/span> {'_id'<\/span>: ObjectId(task_text['_id'<\/span>])}, <\/span><\/span> {'$set'<\/span>: {'task_status'<\/span>: 'Running'<\/span>}}) <\/span><\/span> <\/span><\/span> # 执行扫描<\/span> <\/span><\/span> self.<\/span>start_scan() <\/span><\/span> <\/span><\/span> # 更新状态为Done<\/span> <\/span><\/span> connectiondb(tasks_db).<\/span>update_one( <\/span><\/span> {'_id'<\/span>: ObjectId(task_text['_id'<\/span>])}, <\/span><\/span> {'$set'<\/span>: {'task_status'<\/span>: 'Done'<\/span>}}) <\/span><\/span> time.<\/span>sleep(60<\/span>) <\/span><\/span> <\/span><\/span>def<\/span> scanner_loop_execute<\/span>(inc): <\/span><\/span> """主循环"""<\/span> <\/span><\/span> schedule.<\/span>enter(inc, 0<\/span>, start_brute, (inc,)) <\/span><\/span> schedule.<\/span>run() <\/span><\/span><\/code><\/pre>五、数据库结构详解<\/h2> 主要集合说明<\/h3> test_plugin_info<\/strong> - 插件信息<\/p> plugin_appversion: 影响版本 plugin_vultype: 漏洞名称 plugin_vuldate: 漏洞日期 plugin_filename: 文件路径 plugin_name: 插件名 plugin_appname: 应用名称 plugin_author: 插件作者 _id: ObjectId <\/code><\/pre> <\/li> test_tasks<\/strong> - 扫描任务<\/p> task_status: 任务状态 end_date: 结束时间 scan_target_list: 扫描对象(列表) task_name: 任务名称 plugin_id: 插件id _id: ObjectId start_date: 任务开始时间 task_plan: 扫描计划 <\/code><\/pre> <\/li> test_vuldb<\/strong> - 漏洞结果<\/p> scan_result: 扫描结果 target: 扫描对象 task_id: 任务ID appname: 应用名称 scan_date: 扫描日期 poc_name: 插件名称 vulversion: 漏洞影响版本 poc_vultype: 漏洞类型 task_name: 任务名称 plugin_id: 插件ID _id: ObjectId <\/code><\/pre> <\/li> test_asset<\/strong> - 资产库<\/p> asset_date: 创建日期 scan_option: 资产发现开关 asset_text: 资产列表 asset_name: 资产库名称 dept_name: 部门名称 admin_name: 管理员 _id: ObjectId <\/code><\/pre> <\/li> test_server<\/strong> - 服务信息<\/p> host: 主机 asset_id: 资产库ID port: 端口 port_server: 服务 banner: 指纹(cpe) scan_date: 扫描日期 asset_name: 所属资产库 <\/code><\/pre> <\/li> test_subdomain<\/strong> - 子域名结果<\/p> date: 扫描日期 domain: 主域名 _id: ObjectId result: 子域名 domain_id: 主域名ID domain_name: 域名名称 <\/code><\/pre> <\/li> test_config<\/strong> - 系统配置<\/p> port_thread: 端口扫描线程数 scanner_thread: 漏洞检测线程数 port_list: 端口扫描列表 config_name: 配置文件名称 subdomain: 子域名字典 <\/code><\/pre> <\/li> <\/ol> 六、常见问题解决<\/h2> MongoDB 安装失败<\/strong><\/p> 确保使用正确的安装源（3.6版本）<\/li> 按顺序执行安装命令<\/li> 如失败建议重装系统后再次尝试<\/li> <\/ul> <\/li> nohup 报错<\/strong><\/p> 参考解决方案：https:\/\/blog.csdn.net\/educast\/article\/details\/28273301<\/li> <\/ul> <\/li> Pocsuite 兼容性问题<\/strong><\/p> 使用 2.0.4 版本<\/li> 手动修改 password.py 文件<\/li> 检查其他依赖版本<\/li> <\/ul> <\/li> WEB 服务无法访问<\/strong><\/p> 默认只监听 127.0.0.1<\/li> 修改 config.py 中的 WEB_HOST<\/li> 或配置 Nginx\/Caddy 反向代理<\/li> <\/ul> <\/li> <\/ol> 七、总结<\/h2> InsectsAwake 是一个功能完善的漏洞扫描系统，具有以下特点：<\/p> 模块化设计<\/strong>：各功能模块独立运行，通过数据库交互<\/li> 定时任务<\/strong>：使用 APScheduler 实现周期性扫描<\/li> 多进程\/线程<\/strong>：提高扫描效率<\/li> 可扩展性<\/strong>：可单独提取模块进行二次开发<\/li> <\/ol> 系统适合中小型企业使用，但需要注意：<\/p> 仅支持单个 IP\/URL 扫描，不支持网段<\/li> 子域名爆破功能尚不完善<\/li> Pocsuite 版本兼容性问题需要特别关注<\/li> <\/ul> 通过本教学文档，您应该能够完成系统的安装部署，并理解其核心工作原理，为进一步定制开发打下基础。<\/p>

InsectsAwake 漏洞扫描系统详细教学文档<\/h1>

一、系统概述<\/h2> InsectsAwake 是一个基于 Python 开发的著名开源漏洞扫描系统，启蒙于 Bugscan，脱胎于 Pocsuite。系统采用 FLASK+MongoDB 架构提供 WEB 服务，具备 PoC 的健壮性。<\/p>

二、系统安装<\/h2>

三、系统架构分析<\/h2>

四、核心模块详解<\/h2>

1. 子域名爆破模块<\/h3>

2. 端口扫描模块<\/h3>

3. 漏洞扫描模块<\/h3>

五、数据库结构详解<\/h2>

一、系统概述<\/h2>
InsectsAwake 是一个基于 Python 开发的著名开源漏洞扫描系统，启蒙于 Bugscan，脱胎于 Pocsuite。系统采用 FLASK+MongoDB 架构提供 WEB 服务，具备 PoC 的健壮性。<\/p>