Home

Awesome

Tweet Follow on Twitter GitHub Followers

<p align="center"> <a href="/README_CN.md">README_中文</a> • <a href="/static/Installation.md">Compile/Install/Run</a> • <a href="/static/usage.md">Parameter Description</a> • <a href="/static/running.md">How to use</a> • <a href="/static/scenario.md">Scenario</a> • <a href="/static/pocs.md">POC List</a> • <a href="/static/development.md">Custom Scan</a> • <a href="/static/NicePwn.md">Best Practices</a> </p>

Features

<h1 align="center"> <img width="928" alt="image" src="https://user-images.githubusercontent.com/18223385/175768227-098c779b-6c5f-48ee-91b1-c56e3daa9c87.png"> </h1>
  export PPSSWWDD=yourRootPswd 

More references: config/doNmapScan.sh By default, naabu is used to complete port scanning -stats=true to view the scanning progress Can I not scan Ports?

noScan=true ./goscan -l list.txt -v
# nmap result default noScan=true 
./goscan -l nmapRssuilt.xml -v
<img src="/static/nmap.gif" width="400">
TAGCOUNTAUTHORCOUNTDIRECTORYCOUNTSEVERITYCOUNTTYPECOUNT
cve1430daffainfo631cves1407info1474http3858
panel655dhiyaneshdk584exposed-panels662high1009file76
edb563pikpikcu329vulnerabilities509medium818network51
lfi509pdteam269technologies282critical478dns17
xss491geeknik187exposures275low225
wordpress419dwisiswant0169misconfiguration237unknown11
exposure4070x_akoko165token-spray230
cve2021352princechaddha151workflows189
rce337ritikchaddha137default-logins103
wp-plugin316pussycat0x133file76

281 directories, 3922 files.

mkdir ~/codespace/;cd ~/codespace/;git clone https://github.com/w3security/log4j.scan

work process

<img src="static/workflow.jpg">

how to install

download from <a href=https://github.com/w3security/goscan/releases>Releases</a>

go install github.com/w3security/goscan@latest
goscan -h

how to use

mkdir -p logs data
docker run --restart=always --ulimit nofile=65536:65536 -p 9200:9200 -p 9300:9300 -d --name es -v $PWD/logs:/usr/share/elasticsearch/logs -v $PWD /config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml -v $PWD/config/jvm.options:/usr/share/elasticsearch/config/jvm.options -v $PWD/data:/ usr/share/elasticsearch/data w3security/elasticsearch:7.16.2
# Initialize the es index, the result structure of each tool is different, and it is stored separately
./config/initEs.sh

# Search syntax, more query methods, learn Elasticsearch by yourself
http://127.0.0.1:9200/nmap_index/_doc/_search?q=_id:192.168.0.111
where 92.168.0.111 is the target to query

go build
# Precise scan szUrl list UrlPrecise=true
UrlPrecise=true ./goscan -l xx.txt
# Disable adaptation to nmap and use naabu port to scan its internally defined http-related Ports
priorityNmap=false ./goscan -tp http -list allOut.txt -v

Work Plan

Q & A

more see: <a href=https://github.com/w3security/goscan/discussions>discussions</a>

Changelog

💖Star

Stargazers over time (https://www.paypal.me/pwned2019) miracletalent@gmail.com|<img width=166 src=https://raw.githubusercontent.com/w3security/myhktools/main/md/BTC.png>|<img width=166 src=https://raw.githubusercontent.com/w3security/myhktools/main/md/BCH.jpg>|