GoScan

GoScan is a project I developed in order to learn @golang. It is an interactive network scanner client, featuring auto-complete, which provides abstraction and automation over nmap.

It can be used to perform host discovery, port scanning, and service enumeration in situations where being stealthy is not a priority, and time is limited (think at CTFs, OSCP, exams, etc.).

Installation

Binary installation (Recommended)

Binaries are available from the Release page.

# macOS (darwin)
$ wget https://github.com/marco-lancini/goscan/releases/download/v1.5/goscan_1.5_darwin_amd64.zip
$ unzip goscan_1.5_darwin_amd64.zip

# Linux
$ wget https://github.com/marco-lancini/goscan/releases/download/v1.5/goscan_1.5_linux_amd64.zip
$ unzip goscan_1.5_linux_amd64.zip

# After that, place the executable in your PATH
$ chmod +x goscan
$ sudo mv ./goscan /usr/local/bin/goscan

Build from source

$ git clone https://github.com/marco-lancini/goscan.git
$ cd goscan/goscan/
$ make setup
$ make build

To create a multi-platform binary, use the cross command via make:

$ make cross

Docker

$ git clone https://github.com/marco-lancini/goscan.git
$ cd goscan/
$ docker-compose up --build

Usage

GoScan supports all the main steps of network enumeration:

Host Discovery (ARP + ping sweep): sweep <TYPE> <TARGET>
Port Scanning: portscan <TYPE> <TARGET>
Service Enumeration: enumerate <TYPE> <POLITE/AGGRESSIVE> <TARGET>

Plus some more:

DNS enumeration: dns <DISCOVERY/BRUTEFORCE/BRUTEFORCE_REVERSE> <DOMAIN> [<BASE_IP>]
Domain enumeration (Extract windows domain information from enumeration data): domain <users/hosts/servers>

In addition, it has a few supporting commands:

Change the output folder (by default ~/goscan): set_output_folder <PATH>
Modify the default nmap switches: set_nmap_switches <SWEEP/TCP_FULL/TCP_STANDARD/TCP_VULN/UDP_STANDARD>
Modify the default wordlists: set_wordlists <FINGER_USER/FTP_USER/...>
Show live hosts: show hosts
Show detailed ports information: show ports
Reset the database: db reset

Full Command List

COMMAND	SYNTAX
Set output folder	`set_output_folder <PATH>`
Modify the default nmap switches	`set_nmap_switches <SWEEP/TCP_FULL/TCP_STANDARD/TCP_VULN/UDP_STANDARD>`
Modify the default wordlists	`set_wordlists <FINGER_USER/FTP_USER/...>`
Ping Sweep	`sweep <TYPE> <TARGET>`
Port Scan	`portscan <TYPE> <TARGET>`
Service Enumeration	`enumerate <TYPE> <POLITE/AGGRESSIVE> <TARGET>`
DNS Enumeration	`dns <DISCOVERY/BRUTEFORCE/BRUTEFORCE_REVERSE> <DOMAIN> [<BASE_IP>]`
Extract (windows) domain information from enumeration data	`domain <users/hosts/servers>`
Show live hosts	`show hosts`
Show detailed ports information	`show ports`
Manage DB	`db <reset>`
Exit this program	`exit`

External Integrations

The Service Enumeration phase currently supports the following integrations:

WHAT	INTEGRATION
ARP	nmap netdiscover
DNS	nmap dnsrecon dnsenum host
FINGER	nmap finger-user-enum
FTP	nmap ftp-user-enum hydra
HTTP	nmap nikto dirb sqlmap fimap
RDP	nmap
SMB	nmap enum4linux nbtscan samrdump
SMTP	nmap smtp-user-enum
SNMP	nmap snmpcheck onesixtyone snmpwalk
SSH	hydra
SQL	nmap

License

GoScan is released under a MIT License. See the LICENSE file for full details.

wood520 / goscan Goto Github PK

goscan's Introduction

GoScan

Installation

Binary installation (Recommended)

Build from source

Docker

Usage

Full Command List

External Integrations

License

goscan's People

Contributors

Watchers

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent