Share
## https://sploitus.com/exploit?id=3ADCEBB2-FF7A-55FB-B74E-18A9AEBC43CA
# Auto-WebLogicScanner

An automated WebLogic vulnerability detection tool that supports batch scanning, CDN identification, FOFA asset expansion, and plugin-based POC verification. ## Features

- โœ… Intelligent CDN identification and real IP acquisition
- โœ… Multi-dimensional port and service detection (based on python-nmap)
- โœ… FOFA API asset expansion
- โœ… Plugin-based POC structure (supports CVE-2019-2725)
- โœ… Batch concurrent detection (ThreadPoolExecutor)
- โœ… Automated workflow

## Installation Requirements

```bash
pip install -r requirements.txt
```

## Configuration Instructions

Edit the `config.yaml` file to configure FOFA API information:

```yaml
fofa:
  email: "your_email@example.com"
  api_key: "your_api_key"
```

## Usage

### Method 1: Reading targets from a file

Create an `ips.txt` file, with one IP or domain name per line:

```
192.168.1.1
example.com
10.0.0.1
```

Run the scan:

```bash
python main.py
```

### Method 2: Using FOFA to automatically acquire assets

After configuring the FOFA API in `config.yaml`, the tool will automatically retrieve assets from FOFA and perform scans. ## Output Results

- `result_vuln.txt`: List of detected vulnerabilities
- `scanner.log`: Scan logs

## Disclaimer

This tool is intended for security research and authorized testing purposes only. Users must comply with relevant laws and regulations, and it must not be used for illegal purposes.