From 580a98e9ba8b5c65373779b12dadd0bedccbb816 Mon Sep 17 00:00:00 2001 From: moyan <1561515308@qq.com> Date: Sun, 7 Jun 2026 22:37:39 +0800 Subject: [PATCH 1/2] =?UTF-8?q?feat(rules):=20=E5=A2=9E=E5=BC=BA=E5=A4=9A?= =?UTF-8?q?=E6=9D=A1=E6=A3=80=E6=B5=8B=E8=A7=84=E5=88=99=E5=B9=B6=E4=BF=AE?= =?UTF-8?q?=E5=A4=8D=20Vercel=20=E8=AF=AF=E6=8A=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - React Router: 添加 __reactRouterVersion 全局变量检测 - Vue: 添加 __VUE_DEVTOOLS_GLOBAL_HOOK__ 全局变量检测 - Discourse: 增强检测(meta generator、discourse-version、更多 globals、selectors) - OpenList: 新增规则(meta generator、OPENLIST_CONFIG) - Cloudreve: 新增规则(cloudreve-frontend) - VuePress: 添加 meta generator 标签检测 - Vercel: 修复误报,移除 x-matched-path 作为判断依据 --- public/rules/headers/header-patterns.json | 2 +- public/rules/page/frontend-extra.json | 2 +- public/rules/page/frontend-frameworks.json | 2 +- public/rules/page/website-programs.json | 19 +++++++++++++++++-- 4 files changed, 20 insertions(+), 5 deletions(-) diff --git a/public/rules/headers/header-patterns.json b/public/rules/headers/header-patterns.json index e0ba600..1fa06d5 100644 --- a/public/rules/headers/header-patterns.json +++ b/public/rules/headers/header-patterns.json @@ -248,7 +248,7 @@ }, { "name": "Vercel", - "patterns": ["(?:^|\\n)x-vercel-id:", "(?:^|\\n)x-matched-path:", "server:.*vercel"], + "patterns": ["(?:^|\\n)x-vercel-id:", "server:.*vercel"], "evidence": "存在 Vercel 响应头" }, { diff --git a/public/rules/page/frontend-extra.json b/public/rules/page/frontend-extra.json index 8b21707..516ea4c 100644 --- a/public/rules/page/frontend-extra.json +++ b/public/rules/page/frontend-extra.json @@ -463,7 +463,7 @@ "patterns": [ "(?:^|/)react-router(?:-dom)?(?:@[\\d.]+)?(?:/[^\\s\"'<>]+)?\\.(?:m?js|cjs)(?:[?#\"'<>\\s]|$)" ], - "globals": ["ReactRouter", "ReactRouterDOM"] + "globals": ["ReactRouter", "ReactRouterDOM", "__reactRouterVersion"] }, { "name": "Anime.js", diff --git a/public/rules/page/frontend-frameworks.json b/public/rules/page/frontend-frameworks.json index dbb3531..cd6cc37 100644 --- a/public/rules/page/frontend-frameworks.json +++ b/public/rules/page/frontend-frameworks.json @@ -18,7 +18,7 @@ { "name": "Vue", "patterns": ["vue(?:\\.runtime)?(?:\\.global)?(?:\\.prod)?(?:\\.min)?\\.js", "vue-router", "pinia"], - "globals": ["Vue"], + "globals": ["Vue", "__VUE_DEVTOOLS_GLOBAL_HOOK__"], "selectors": ["[data-v-app]", "#app.__vue__"] }, { diff --git a/public/rules/page/website-programs.json b/public/rules/page/website-programs.json index 6721bdb..5c97b80 100644 --- a/public/rules/page/website-programs.json +++ b/public/rules/page/website-programs.json @@ -155,11 +155,26 @@ "kind": "论坛 / 社区", "patterns": [ "]+name=[\"']?generator[\"']?[^>]+content=[\"'][^\"']*discourse", + "]+name=[\"']?discourse-version[\"']?", "__DISCOURSE", "/assets/discourse-", "discourse_theme" ], - "globals": ["Discourse"] + "globals": ["Discourse", "Discourse.SiteSettings", "Discourse.User"], + "selectors": [".discourse-application", "#discourse-modal"] + }, + { + "name": "OpenList", + "kind": "文件列表", + "patterns": [ + "]+name=[\"']?generator[\"']?[^>]+content=[\"'][^\"']*OpenList" + ], + "globals": ["OPENLIST_CONFIG"] + }, + { + "name": "Cloudreve", + "kind": "网盘", + "patterns": ["cloudreve-frontend"] }, { "name": "MediaWiki", @@ -290,7 +305,7 @@ }, { "name": "VuePress", - "patterns": ["vuepress", "__VUEPRESS__"] + "patterns": ["]+name=[\"']?generator[\"']?[^>]+content=[\"'][^\"']*VuePress", "vuepress", "__VUEPRESS__"] }, { "name": "Docsify", From 5e295c01a1b5f5f36b1ed5e68b5d1583ea904a20 Mon Sep 17 00:00:00 2001 From: moyan <1561515308@qq.com> Date: Sun, 7 Jun 2026 23:14:11 +0800 Subject: [PATCH 2/2] =?UTF-8?q?feat(rules):=20=E4=BB=8E=20nmap-service-pro?= =?UTF-8?q?bes=20=E6=8F=90=E5=8F=96=E9=AB=98=E4=BB=B7=E5=80=BC=20Web=20?= =?UTF-8?q?=E6=8A=80=E6=9C=AF=E6=A0=88=E7=89=B9=E5=BE=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - server-products: 新增 WEBrick、Python http.server、GoAhead、lighttpd、Payara、IBM HTTP Server、Sinopia、NodeBB、RESTHeart - powered-by-products: 新增 Sinopia、NodeBB、RESTHeart、Payara Server、Servlet、JSP - interesting-headers: 新增 kbn-name/kbn-version、liferay-portal、x-hudson/x-hudson-cli-port、x-app-name、x-cascade - header-patterns: 新增 Kibana(kbn 头)、Grafana(grafana_sess cookie)、Jenkins(X-Hudson 头)、SonarQube(_sonar_session cookie)、Sinatra(X-Cascade + __sinatra__ 资源)、Perl Mojolicious、Liferay Portal --- public/rules/headers/header-patterns.json | 78 +++++++++++++++++++ public/rules/headers/interesting-headers.json | 9 ++- public/rules/headers/powered-by-products.json | 24 ++++++ public/rules/headers/server-products.json | 36 +++++++++ 4 files changed, 146 insertions(+), 1 deletion(-) diff --git a/public/rules/headers/header-patterns.json b/public/rules/headers/header-patterns.json index 1fa06d5..8c75ad3 100644 --- a/public/rules/headers/header-patterns.json +++ b/public/rules/headers/header-patterns.json @@ -138,6 +138,84 @@ } ] }, + { + "defaults": { + "category": "数据基础设施", + "confidence": "高" + }, + "rules": [ + { + "name": "Elasticsearch Kibana", + "patterns": [ + "(?:^|\\n)kbn-name:", + "(?:^|\\n)kbn-version:", + "(?:^|\\n)x-app-name:\\s*kibana" + ], + "evidence": "响应头包含 Kibana 专属标识" + }, + { + "name": "Grafana", + "patterns": [ + "(?:^|\\n)set-cookie:[^\\n]*(?:^|[;,\\s])grafana_sess(?:=|[,;\\s]|$)" + ], + "evidence": "Set-Cookie 包含 Grafana 会话标识" + } + ] + }, + { + "defaults": { + "category": "DevOps / 研发效能", + "confidence": "高" + }, + "rules": [ + { + "name": "Jenkins", + "patterns": [ + "(?:^|\\n)x-hudson:", + "(?:^|\\n)x-hudson-cli-port:" + ], + "evidence": "响应头包含 Hudson / Jenkins 专属标识" + }, + { + "name": "SonarQube", + "patterns": [ + "(?:^|\\n)set-cookie:[^\\n]*(?:^|[;,\\s])_sonar_session(?:=|[,;\\s]|$)" + ], + "evidence": "Set-Cookie 包含 SonarQube 会话标识" + } + ] + }, + { + "defaults": { + "category": "后端 / 服务器框架" + }, + "rules": [ + { + "name": "Sinatra", + "confidence": "中", + "patterns": [ + "(?:^|\\n)x-cascade:\\s*pass", + "__sinatra__" + ], + "evidence": "响应头或资源路径包含 Sinatra 框架线索" + }, + { + "name": "Perl Mojolicious", + "confidence": "中", + "patterns": [ + "(?:^|\\n)x-powered-by:[^\\n]*mojolicious" + ], + "evidence": "X-Powered-By 包含 Mojolicious 框架标识" + } + ] + }, + { + "category": "CMS / 电商平台", + "name": "Liferay Portal", + "confidence": "高", + "patterns": ["(?:^|\\n)liferay-portal:"], + "evidence": "响应头包含 Liferay Portal 专属标识" + }, { "category": "CMS / 电商平台", "name": "Drupal", diff --git a/public/rules/headers/interesting-headers.json b/public/rules/headers/interesting-headers.json index d14148c..9e9d31b 100644 --- a/public/rules/headers/interesting-headers.json +++ b/public/rules/headers/interesting-headers.json @@ -69,7 +69,14 @@ "x-iinfo", "x-px", "x-hwcdn-cache", - "x-hwcdn-request-id" + "x-hwcdn-request-id", + "kbn-name", + "kbn-version", + "liferay-portal", + "x-hudson", + "x-hudson-cli-port", + "x-app-name", + "x-cascade" ] } } diff --git a/public/rules/headers/powered-by-products.json b/public/rules/headers/powered-by-products.json index 10d64fc..f7f515b 100644 --- a/public/rules/headers/powered-by-products.json +++ b/public/rules/headers/powered-by-products.json @@ -317,6 +317,30 @@ "name": "Rust", "confidence": "中", "patterns": ["\\brust\\b|rustlang"] + }, + { + "name": "Sinopia", + "patterns": ["\\bsinopia\\b"] + }, + { + "name": "NodeBB", + "patterns": ["\\bnodebb\\b"] + }, + { + "name": "RESTHeart", + "patterns": ["\\brestheart\\b"] + }, + { + "name": "Payara Server", + "patterns": ["\\bpayara\\b"] + }, + { + "name": "Servlet", + "patterns": ["\\bservlet\\b"] + }, + { + "name": "JSP", + "patterns": ["\\bjsp\\b"] } ] } diff --git a/public/rules/headers/server-products.json b/public/rules/headers/server-products.json index 8ec6776..0449ca4 100644 --- a/public/rules/headers/server-products.json +++ b/public/rules/headers/server-products.json @@ -161,6 +161,42 @@ { "name": "OpenSwoole", "patterns": ["openswoole|open\\s*swoole"] + }, + { + "name": "WEBrick", + "patterns": ["\\bwebrick\\b"] + }, + { + "name": "Python http.server", + "patterns": ["basehttp|python.*http\\.server"] + }, + { + "name": "GoAhead WebServer", + "patterns": ["goahead[-\\s]?webs?"] + }, + { + "name": "lighttpd", + "patterns": ["\\blighttpd\\b"] + }, + { + "name": "Payara Server", + "patterns": ["\\bpayara\\b"] + }, + { + "name": "IBM HTTP Server", + "patterns": ["ibm[_-]http[_-]server|\\bihs\\b"] + }, + { + "name": "Sinopia", + "patterns": ["\\bsinopia\\b"] + }, + { + "name": "NodeBB", + "patterns": ["\\bnodebb\\b"] + }, + { + "name": "RESTHeart", + "patterns": ["\\brestheart\\b"] } ] },