# SearchAvailableExe
Find exploitable white files
![Language](https://img.shields.io/badge/language-c++-blue.svg) [![GitHub Stars](https://img.shields.io/github/stars/Neo-Maoku/SearchAvailableExe.svg)](https://github.com/Neo-Maoku/SearchAvailableExe/stargazers)
Automatically searches the local machine for usable white files; high accuracy, simple to operate.
### Project demo
https://github.com/Neo-Maoku/SearchAvailableExe/assets/26914648/72d7a8f6-c846-4dc8-af19-e8d2e41e7b79
### Compatibility testing
- Tested successfully on Windows 11 64-bit, Windows 10 64-bit, Windows 7 64-bit, Windows 7 32-bit and Server 2008 64-bit, with high accuracy
![screenshots](./res/cs.png)
### Building the project with VS 2022
- The project consists of an executable and a test DLL project that loads shellcode. Replace the shellcode in dllmain.cpp with your own, build the DLL, and place the resulting 32-bit and 64-bit DLLs in the same directory as the executable.
### Usage
- `-o`: location of the output log file; by default output goes to the console
- `-i`: directory to search; must be a directory. By default all drives are searched
- `-w`: whether the directory of a found exploitable white file must be writable; default no
- `-c`: how many DLLs a found exploitable white file must depend on; default 1. System DLLs are not counted
- `-b`: restrict the search to 32-bit or 64-bit exploitable white files; by default both 32-bit and 64-bit programs are searched
- `-s`: whether to keep the temporary directory of found exploitable files; default no
- `-l`: filter by DLL loading method: 1 = static loading, 2 = dynamic loading, 3 = static plus dynamic. Default 3
- `-p`: whether to filter out system DLLs, i.e. DLLs that exist under system32 or syswow64. Default no
- `-a`: whether to scan all sections for dynamically loaded DLLs; by default only the rdata and rsrc sections are scanned
- `-g`: whether to filter out programs whose subsystem is not a GUI window; default no filtering
```shell
SearchAvailableExe.exe
SearchAvailableExe.exe -p -i "D:" -b 32
SearchAvailableExe.exe -i "D:" -o result.txt -c 2
SearchAvailableExe.exe -i "D:" -l 2 -w
SearchAvailableExe.exe -s -a 1
SearchAvailableExe.exe -p -a 1 -g
```
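A hardening-side counterpart to the `-w` criterion, added here as an example and not part of SearchAvailableExe: this PowerShell snippet lists directories under a root that contain executables and grant write or create rights to broad low-privilege principals, which is the condition that makes a white file in that directory sideload-prone. The principal list, the write mask and the root path `D:\` are assumptions.

```powershell
# Added audit helper (not part of SearchAvailableExe): report directories under $Root that
# hold .exe files and that standard users can write to. These are the directories the tool's
# -w option selects; from the defender's side the fix is tightening the ACL.
$LowPrivPrincipals = @('BUILTIN\Users', 'NT AUTHORITY\Authenticated Users',
                       'Everyone', 'NT AUTHORITY\INTERACTIVE')   # assumed principal list

# Rights that allow dropping or replacing a file. GENERIC_WRITE / GENERIC_ALL appear as raw
# numbers in Get-Acl output, so they are added as constants.
$WriteMask = [int]([System.Security.AccessControl.FileSystemRights]::WriteData -bor
                   [System.Security.AccessControl.FileSystemRights]::AppendData -bor
                   [System.Security.AccessControl.FileSystemRights]::Modify -bor
                   [System.Security.AccessControl.FileSystemRights]::FullControl) -bor
             0x40000000 -bor 0x10000000

function Get-WritableExeDirectories {
    param([Parameter(Mandatory)][string]$Root)

    Get-ChildItem -Path $Root -Recurse -Filter *.exe -File -ErrorAction SilentlyContinue |
        Select-Object -ExpandProperty DirectoryName -Unique |
        ForEach-Object {
            $dir = $_
            try { $acl = Get-Acl -LiteralPath $dir -ErrorAction Stop } catch { return }

            # Allow ACEs for low-privilege principals that include any write/create right
            $hits = $acl.Access | Where-Object {
                $_.AccessControlType -eq 'Allow' -and
                $LowPrivPrincipals -contains $_.IdentityReference.Value -and
                (([int]$_.FileSystemRights -band $WriteMask) -ne 0)
            }
            if ($hits) {
                [pscustomobject]@{
                    Directory   = $dir
                    Principals  = ($hits | ForEach-Object { $_.IdentityReference.Value } |
                                   Sort-Object -Unique) -join ', '
                    Executables = (Get-ChildItem -LiteralPath $dir -Filter *.exe -File).Count
                }
            }
        }
}

# Audit D:\ the way "SearchAvailableExe.exe -i "D:" -w" would, but to find ACLs to fix.
Get-WritableExeDirectories -Root 'D:\' | Format-Table -AutoSize
```

Deny entries and inherited effective permissions are not evaluated, so treat each hit as a candidate to verify rather than a confirmed finding. Remediation is removing the write ACE (for example with `icacls <dir> /remove:g Users`) or moving the executable under a directory where standard users have only read and execute rights.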
Bilibili link:
[A self-developed tool for automatically mining white-exploit programs] https://www.bilibili.com/video/BV1bm421n73Z/?share_source=copy_web&vd_source=c75cdcc6b49a06fd849f2d392e8e3218
### Changelog
V2.0.0
1. Added a parameter for filtering out system DLLs
2. Fixed a bug where a program with exactly one statically loaded DLL was filtered out even when it also had dynamically loaded DLLs
3. Fixed a stack imbalance bug caused by hooking DllMain
4. When several identical files exist, the white program is now output only once
5. Fixed a bug where the same dynamically loaded DLL was recorded multiple times
V2.0.1
1. Fixed a bug where read-only files could not be written
2. Added the -a parameter for scanning all sections for dynamically loaded DLLs; by default only the rdata and rsrc sections are scanned. Improves the tool's accuracy
3. Added test programs in the Test directory; this directory can be given as the input directory for testing
V2.0.2
1. Fixed a bug where, when saving files and filtering system DLLs at the same time, folders matching the filter condition were not deleted
2. Added a waiting notice while traversing disks
3. Fixed a crash caused by UPX-packed programs
4. Added the GUI filter parameter and improved the output
5. Fixed an error when running with the -a parameter on 64-bit programs