Cleaning up false positives from the GitHub Hawkeye crawler monitor

https://github.com/0xbug/Hawkeye

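#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import base64
import time

from pymongo import MongoClient

# MongoDB instance that Hawkeye writes its results to
conn = MongoClient('192.168.8.128', 27017)
db = conn.hawkeye
my_set = db.result

while True:
    # Only fetch results whose ignore and security flags are both still 0
    for line in my_set.find({"ignore": 0, "security": 0}, {"link": 1, "tag": 1, "code": 1}):
        # The tag may hold several space-separated words; the first one is the keyword
        keyword = line["tag"].split(" ")[0]
        # The code field is base64-encoded; tolerate bytes that are not valid UTF-8
        coder = base64.b64decode(line["code"]).decode('utf-8', errors='replace')
        if keyword not in coder:
            # Keyword does not occur in the snippet: mark the result as a false positive
            my_set.update_one({"_id": line["_id"]}, {"$set": {"ignore": 1, "security": 1}})
            print(keyword, line["_id"], "已忽略")  # message: "ignored"
        else:
            # Keyword is present: leave the result for manual review
            print(time.strftime('%Y-%m-%d %H:%M:%S ---------- '), keyword, line["_id"], "手工排查")  # message: "check manually"
    time.sleep(30)
    #exit()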

To search a GitHub project for sensitive keywords: https://<project address>/search?utf8=✓&q=pass OR password OR passwd OR pwd OR smtp OR database

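Refined rule: test.com AND user OR pass OR password OR passwd OR database. The program can also be extended with files that dynamically update a learned whitelist and conditions on other dimensions.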
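An added example, not part of the original post or of Hawkeye: the refined rule and a file-driven whitelist applied locally to result records, so the triage logic can be tested without MongoDB. It assumes the rule means "domain AND any of the credential terms"; `triage`, `load_whitelist`, the whitelist format and the sample records are hypothetical and constructed for illustration.

```python
import base64
import re

# Credential-related terms from the refined rule on this page.
SECRET_TERMS = ("user", "pass", "password", "passwd", "database")

def load_whitelist(lines):
    """Compile one regex per non-blank, non-comment line (e.g. from a file)."""
    stripped = (s.strip() for s in lines)
    return [re.compile(s, re.I) for s in stripped if s and not s.startswith("#")]

def triage(record, whitelist=()):
    """Return 'ignore' or 'review' for one Hawkeye-style result record."""
    keyword = record["tag"].split(" ")[0].lower()
    try:
        raw = base64.b64decode(record["code"])
    except (ValueError, TypeError):
        return "review"  # undecodable snippet: leave it for a human
    text = raw.decode("utf-8", errors="replace").lower()
    if keyword not in text:
        return "ignore"  # containment test from the script, case-insensitive
    if any(p.search(record.get("link", "")) for p in whitelist):
        return "ignore"  # repository or path already judged benign
    if not any(term in text for term in SECRET_TERMS):
        return "ignore"  # domain present but no credential-like term
    return "review"

def _b64(s):
    return base64.b64encode(s.encode()).decode()

# Constructed sample data (hypothetical repositories, not real results).
WHITELIST = load_whitelist(["# reviewed, benign", "github\\.com/example/docs-mirror/"])
SAMPLES = [
    {"tag": "test.com mail", "link": "https://github.com/example/app/blob/master/conf.py",
     "code": _b64("SMTP_HOST = 'smtp.test.com'\nSMTP_PASSWORD = 'constructed'")},
    {"tag": "test.com", "link": "https://github.com/example/lib/blob/master/A.java",
     "code": _b64("package com.example.test;")},
    {"tag": "test.com", "link": "https://github.com/example/site/blob/master/pkg.yml",
     "code": _b64("homepage: https://www.test.com/docs")},
    {"tag": "test.com", "link": "https://github.com/example/docs-mirror/blob/master/README.md",
     "code": _b64("log in to test.com with the password from the vault")},
]

if __name__ == "__main__":
    for rec in SAMPLES:
        print(triage(rec, WHITELIST), rec["link"])
```

Re-reading the whitelist file on every polling cycle lets entries added during manual review take effect without restarting the loop.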
