关联漏洞
描述
Commvault CVE-2025-34028 endpoint scanner using Nmap NSE. For ethical testing and configuration validation.
介绍
# infra-monitor
**infra-monitor** is a lightweight Nmap NSE script for silently testing response consistency across web infrastructure routes.
It helps detect anomalies in access control, configuration discrepancies, or potential inconsistencies in how different endpoints respond.
This tool is designed for **ethical diagnostics** and **authorized infrastructure audits**.
---
## 🔍 Features
- Compares HTTP responses between normal and slightly varied access patterns
- Supports multiple HTTP headers to simulate real client traffic
- Detects potential filtering behavior or inconsistent behavior on protected routes
- Fully silent and unobtrusive by design — does not trigger obvious vulnerability scans
---
## 📅 Installation
1. Download the script:
```bash
curl -O https://raw.githubusercontent.com/your-user/infra-monitor/main/infra-monitor.nse
```
2. Run it using Nmap:
```bash
nmap -p443 --script=./infra-monitor.nse www.example.com
```
Or for multiple hosts:
```bash
nmap -p443 --script=./infra-monitor.nse -iL targets.txt
```
---
## 📄 Example Output
```
| infra-monitor: Responses matched normally
|_No unusual behavior observed
```
```
| infra-monitor: Response mismatch: 200 vs 403
|_Observed activity at: /ccenter/setup.jsp (code: 500)
```
---
## ⚠️ Legal & Ethical Use
This script is intended for **authorized security assessments and diagnostic audits only**.
Do not use against targets you do not own or explicitly have permission to test.
---
## 👤 Author
Built by [Eliran Loai Deeb](https://www.linkedin.com/in/loai-deeb), cybersecurity researcher & ethical hacker.
---
文件快照
[4.0K] /data/pocs/40615c055c2f0800810309122021c5b10cd71845
├── [1.7K] infra-monitor.nse
└── [1.6K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。