Search Viewer 安全扫描报告 — 可信 | ClawSafe

10 /100

Search Viewer

信息收集与空间测绘工具 - 聚合Fofa/Hunter/Shodan/Quake/Zoomeye

This is a legitimate open-source OSINT reconnaissance tool that aggregates multiple space mapping platforms (Fofa, Hunter, Shodan, Quake, Zoomeye, Censys). No malicious behavior detected.

技能名称Search Viewer

分析耗时34.2s

引擎pi

✓

可以安装

No action required. The skill performs exactly as documented.

安全发现 2 项

严重性	安全发现	位置
低危	Dependencies not version pinned 供应链 pip install command uses unpinned versions for pyside2 and requests, allowing potential supply chain attacks via version changes `pip install pyside2 requests` → Pin versions: pip install pyside2==5.15.2 requests==2.28.0	`SKILL.md:54`
提示	Hardcoded IP address in documentation 文档欺骗 SKILL.md line 92 shows ip="1.1.1.1" as a Hunter search example. 1.1.1.1 is Cloudflare's public DNS resolver, commonly used as a benign example IP `ip="1.1.1.1"` → No action needed - this is a legitimate public IP used as documentation example	`SKILL.md:92`

资源类型	声明权限	推断权限	状态	证据
文件系统	`WRITE`	`WRITE`	✓ 一致	SKILL.md:54-55 + Search_Viewer.py:97-152 (config.ini write)
网络访问	`READ`	`READ`	✓ 一致	SKILL.md:10-21 (lists all 6 API platforms)
命令执行	`NONE`	`NONE`	—	No subprocess or os.system calls found
环境变量	`NONE`	`NONE`	—	No os.environ access
剪贴板	`NONE`	`NONE`	—	No clipboard access
浏览器	`NONE`	`NONE`	—	No browser automation
数据库	`NONE`	`NONE`	—	No database access

1 高危 18 项发现

📡

高危 IP 地址硬编码 IP 地址

1.1.1.1

SKILL.md:92

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/Platform-Windows%20%7C%20macOS%20%7C%20Linux-blue

README.MD:5

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/Language-Python%20%7C%20C%2B%2B-yellow

README.MD:6

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/License-GPL--3.0-green

README.MD:7

🔗

中危外部 URL 外部 URL

https://fofa.info

README.MD:56

🔗

中危外部 URL 外部 URL

https://hunter.qianxin.com

README.MD:57

🔗

中危外部 URL 外部 URL

https://www.shodan.io

README.MD:58

🔗

中危外部 URL 外部 URL

https://quake.360.cn

README.MD:59

🔗

中危外部 URL 外部 URL

https://www.zoomeye.org

README.MD:60

🔗

中危外部 URL 外部 URL

https://fofa.info/api/v1/search/all?email=

Search_Viewer.py:314

🔗

中危外部 URL 外部 URL

https://hunter.qianxin.com/openApi/search?&api-key=

Search_Viewer.py:442

🔗

中危外部 URL 外部 URL

https://quake.360.net/api/v3/search/quake_service

Search_Viewer.py:775

🔗

中危外部 URL 外部 URL

https://quake.360.net/api/v3/user/info

Search_Viewer.py:782

🔗

中危外部 URL 外部 URL

https://api.zoomeye.org/resources-info

Search_Viewer.py:888

🔗

中危外部 URL 外部 URL

https://api.zoomeye.org/host/search?

Search_Viewer.py:893

🔗

中危外部 URL 外部 URL

https://search.censys.io/api/v2/hosts/search?q=

Search_Viewer.py:988

🔗

中危外部 URL 外部 URL

https://search.censys.io/api/v2/hosts/

Search_Viewer.py:990

🔗

中危外部 URL 外部 URL

https://search.censys.io/api/v2

Search_Viewer.py:1192

目录结构

7 文件 · 86.7 KB · 2319 行

Python 3f · 1935L Markdown 3f · 372L JSON 1f · 12L

├─ 📋 _meta.json JSON 12L · 432 B

├─ 📝 CHANGELOG.MD Markdown 101L · 1.6 KB

├─ 🐍 iconhash.py Python 33L · 1.1 KB

├─ 📝 README.MD Markdown 108L · 2.4 KB

├─ 🐍 resources_rc.py Python 307L · 12.8 KB

├─ 🐍 Search_Viewer.py Python 1595L · 65.4 KB

└─ 📝 SKILL.md Markdown 163L · 2.9 KB

依赖分析 2 项

包名	版本	来源	已知漏洞	备注
`pyside2`	`*`	pip	否	Version not pinned
`requests`	`*`	pip	否	Version not pinned

安全亮点

✓ No reverse shell, C2, or covert data exfiltration detected

✓ No credential harvesting beyond user-provided API keys (stored in config.ini as declared)

✓ No base64-encoded obfuscation or anti-analysis patterns

✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)

✓ No supply chain compromise - uses standard legitimate libraries (requests, PySide2, shodan SDK)

✓ All network activity matches documented API calls to legitimate OSINT platforms

✓ No persistence mechanisms (no cron, startup hooks, or backdoors)

✓ Base64 usage is for API query encoding only (qbase64 parameter), not obfuscation

✓ Threading is used for legitimate async UI operations

✓ CSV exports are user-initiated with confirmation dialogs