Skip to content

v1.26 - 极致的性能优化 - Ultimate performance optimization

Choose a tag to compare

View all tags
@hack007x hack007x released this 21 Mar 16:23
· 1 commit to main since this release
v1.26
1f35e59
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

EN:

  1. Optimized console output information, added vulnerability statistics function.
  2. Maximum OOB verification time: 68 seconds (8s initial wait + 12 polling intervals × 5s). Optimized: Maximum 13 seconds (4s initial wait + 3 polling intervals × 3s).
  3. HTTP client optimization | MaxIdleConns: 200 (global idle connection limit) | MaxIdleConnsPerHost: 10 (idle connections per host) | MaxConnsPerHost: 20 (concurrency limit per host) | IdleConnTimeout: 90s | Enabled Keep-Alive (disabled in the old probe version).
  4. Response body size limit: Added MaxResponseBodySize = 2MB. The scanner does not need to read the entire 50MB page—the matcher only needs the first small portion. Responses exceeding 2MB are automatically truncated to prevent OOM.
  5. Dialer Optimization: Connection timeout 10s | TCP Keep-Alive 30s | TLS handshake timeout 10s
  6. Matcher/Extractor Regular Expression Caching: Regular expression compilation reduced from O(N) to O(1), where N = number of scans.
  7. Shared HTTP Client: Added SharedClient, all workers share the same httpclient.Client, maximizing TCP connection reuse.
  8. Main Loop Architecture Optimization - Stores only vulnerability results: Append only when res.Vulnerable == true, non-vulnerable results are GCed immediately after printing.
  9. Interleaved Scheduling: for template → for target, each POC attacks different hosts in turn, maximizing connection pool utilization.
  10. Latest version POC updated to 3251
    https://github.com/hack007x/veil_poc

ZH:
1:优化输出控制台信息,新增漏洞统计功能
2:每次 OOB 验证耗时最高 68 秒(8s 初始等待 + 12 次 × 5s 轮询间隔)。优化后:最高 13 秒(4s 初始等待 + 3 次 × 3s 轮询间隔)
3:HTTP 客户端优化|MaxIdleConns: 200(全局空闲连接上限)| MaxIdleConnsPerHost: 10(每主机空闲连接)| MaxConnsPerHost: 20(每主机并发上限)| IdleConnTimeout: 90s | 启用 Keep-Alive(旧版 probe 中禁用了)
4:响应体大小限制:新增 MaxResponseBodySize = 2MB。扫描器不需要读取完整的 50MB 页面——matcher 只需要前面一小部分。超过 2MB 的响应自动截断,防止 OOM。
5:Dialer 优化:连接超时 10s | TCP Keep-Alive 30s | TLS 握手超时 10s
6:Matcher/Extractor 正则缓存 :正则编译从 O(N) 降为 O(1),N = 扫描次数。
7:共享 HTTP 客户端:新增 SharedClient ,所有 worker 共享同一个 httpclient.Client,最大化 TCP 连接复用。
8:主循环架构优化-只存储漏洞结果:只有 res.Vulnerable == true 时才 append,非漏洞结果打印后立即 GC
9:交错调度:for template → for target,每个 POC 轮流打不同主机,最大化连接池利用率。
10:最新版本 POC更新至3251个
https://github.com/hack007x/veil_poc

Assets 6
Loading