security-scanner

TotalClaw 作者 totalclaw

针对 Web 应用程序、API 和基础设施的自动安全扫描和漏洞检测。当您需要扫描目标漏洞、检查 SSL 证书、查找开放端口、检测错误配置或执行安全审核时使用。与 nmap、nuclei 和其他安全工具集成。

安装 / 下载方式

TotalClaw CLI推荐

totalclaw install totalclaw:totalclaw~dmx64-security-scanner

cURL直接下载，无需登录

curl -fsSL https://skills.taituai.com/api/skills/totalclaw%3Atotalclaw~dmx64-security-scanner/file -o dmx64-security-scanner.md

## 概述（中文）

针对 Web 应用程序、API 和基础设施的自动安全扫描和漏洞检测。当您需要扫描目标漏洞、检查 SSL 证书、查找开放端口、检测错误配置或执行安全审核时使用。与 nmap、nuclei 和其他安全工具集成。

## 原文

# Security Scanner

Automated security scanning toolkit for penetration testing and vulnerability assessment.

## Quick Start

### Port Scan
```bash
nmap -sV -sC -oN scan.txt TARGET
```

### Vulnerability Scan
```bash
nuclei -u TARGET -o results.txt
```

### SSL Check
```bash
sslscan TARGET
```

## Scan Types

### 1. Quick Recon
Fast initial scan for live hosts and open ports:
```bash
nmap -sn -T4 SUBNET  # Host discovery
nmap -F TARGET       # Fast port scan (top 100)
```

### 2. Full Port Scan
Comprehensive port and service detection:
```bash
nmap -p- -sV -sC -A TARGET -oN full_scan.txt
```

### 3. Web Application Scan
```bash
nuclei -u https://TARGET -t cves/ -t vulnerabilities/ -o web_vulns.txt
nikto -h TARGET -o nikto_report.txt
```

### 4. SSL/TLS Analysis
```bash
sslscan TARGET
testssl.sh TARGET
```

## Output

Save reports to `reports/security-scan-YYYY-MM-DD.md` with:
- Target information
- Open ports and services
- Vulnerabilities found (severity rated)
- Recommendations

## Ethics

- Only scan authorized targets
- Get written permission before testing
- Report vulnerabilities responsibly
- Never exploit without authorization