Goscan - Interactive Network Scanner


GoScan is an interactive network scanner client, featuring auto-completion, which provides abstraction and automation over nmap.
Although it started as a small side-project I developed in order to learn @golang, GoScan can now be used to perform host discovery, port scanning, and service enumeration not only in situations where being stealthy is not a priority and time is limited (think of CTFs, OSCP, exams, etc.), but also (with a few tweaks in its configuration) during professional engagements.
GoScan is also particularly suited for unstable environments (think unreliable network connectivity, lack of "screen", etc.), given that it fires scans and maintains their state in an SQLite database. Scans run in the background (detached from the main thread), so even if the connection to the box running GoScan is lost, results can be uploaded asynchronously (more on this below). That is, data can be imported into GoScan at different stages of the process, without the need to restart the entire process from scratch if something goes wrong.
In addition, the Service Enumeration stage integrates a collection of other tools (e.g., EyeWitness, Hydra, nikto, etc.), each one tailored to target a specific service.

Installation

Binary installation (Recommended)
Binaries are available from the Release page.
# Linux (64bit)
$ wget https://github.com/marco-lancini/goscan/releases/download/v2.1/goscan_2.1_linux_amd64.zip
$ unzip goscan_2.1_linux_amd64.zip

# Linux (32bit)
$ wget https://github.com/marco-lancini/goscan/releases/download/v2.1/goscan_2.1_linux_386.zip
$ unzip goscan_2.1_linux_386.zip

# After that, place the executable in your PATH
$ chmod +x goscan
$ sudo mv ./goscan /usr/local/bin/goscan

Build from source
$ git clone https://github.com/marco-lancini/goscan.git
$ cd goscan/goscan/
$ make setup
$ make build
To create a multi-platform binary, use the cross command via make:
$ make cross

Docker
$ git clone https://github.com/marco-lancini/goscan.git
$ cd goscan/
$ docker-compose up --build

Usage
GoScan supports all the main steps of network enumeration:


Step Commands
1. Load targets
  • Add a single target via the CLI (must be a /32): load target SINGLE
  • Upload multiple targets from a text file or folder: load target MULTI
2. Host Discovery
  • Perform a Ping Sweep: sweep
  • Or load results from a previous discovery:
    • Add a single alive host via the CLI (must be a /32): load alive SINGLE
    • Upload multiple alive hosts from a text file or folder: load alive MULTI
3. Port Scanning
  • Perform a port scan: portscan
  • Or upload nmap results from XML files or folder: load portscan
4. Service Enumeration
  • Dry Run (only show commands, without performing them): enumerate DRY
  • Perform enumeration of detected services: enumerate
5. Special Scans
  • EyeWitness
    • Take screenshots of websites, RDP services, and open VNC servers (KALI ONLY): special eyewitness
    • EyeWitness.py needs to be in the system path
  • Extract (Windows) domain information from enumeration data
    • special domain
  • DNS
    • Enumerate DNS (nmap, dnsrecon, dnsenum): special dns DISCOVERY
    • Bruteforce DNS: special dns BRUTEFORCE
    • Reverse Bruteforce DNS: special dns BRUTEFORCE_REVERSE
Utils
  • Show results: show
  • Change the output folder (by default /goscan): set output_folder
  • Modify the default nmap switches: set nmap_switches
  • Modify the default wordlists: set_wordlists
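
The "load portscan" step above imports nmap results from XML files. The following added example (not GoScan's own code) shows how such a report can be parsed in Go into an inventory of open services; the struct, function and sample report are constructed for illustration and cover only part of nmap's XML format.

```go
package main

import (
	"encoding/xml"
	"fmt"
)
// nmapRun maps only the parts of an nmap XML report needed for an inventory.
type nmapRun struct {
	Hosts []struct {
		Addresses []struct {
			Addr string `xml:"addr,attr"`
			Type string `xml:"addrtype,attr"`
		} `xml:"address"`
		Ports []struct {
			Protocol string `xml:"protocol,attr"`
			PortID   int    `xml:"portid,attr"`
			State    struct{ State string `xml:"state,attr"` } `xml:"state"`
			Service  struct{ Name string `xml:"name,attr"` } `xml:"service"`
		} `xml:"ports>port"`
	} `xml:"host"`
}
// sampleXML is a constructed report (documentation address), not real output.
const sampleXML = `<nmaprun><host><address addr="192.0.2.10" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
<port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
<port protocol="tcp" portid="443"><state state="filtered"/></port></ports></host></nmaprun>`
// OpenServices lists "ip:port/proto service" for ports in state "open" only.
func OpenServices(data []byte) ([]string, error) {
	var run nmapRun
	if err := xml.Unmarshal(data, &run); err != nil {
		return nil, fmt.Errorf("invalid nmap XML: %w", err)
	}
	var out []string
	for _, h := range run.Hosts {
		ip := "unknown"
		for _, a := range h.Addresses {
			if a.Type == "ipv4" || a.Type == "ipv6" {
				ip = a.Addr
			}
		}
		for _, p := range h.Ports {
			if p.State.State == "open" {
				out = append(out, fmt.Sprintf("%s:%d/%s %s", ip, p.PortID, p.Protocol, p.Service.Name))
			}
		}
	}
	return out, nil
}
func main() { fmt.Println(OpenServices([]byte(sampleXML))) }
```

A truncated report, such as one left behind by an interrupted scan, is returned as an error rather than as a partial inventory.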

External Integrations
The Service Enumeration stage currently supports the following integrations:
WHAT INTEGRATION
ARP
  • nmap
DNS
  • nmap
  • dnsrecon
  • dnsenum
  • host
FINGER
  • nmap
  • finger-user-enum
FTP
  • nmap
  • ftp-user-enum
  • hydra [AGGRESSIVE]
HTTP
  • nmap
  • nikto
  • dirb
  • EyeWitness
  • sqlmap [AGGRESSIVE]
  • fimap [AGGRESSIVE]
RDP
  • nmap
  • EyeWitness
SMB
  • nmap
  • enum4linux
  • nbtscan
  • samrdump
SMTP
  • nmap
  • smtp-user-enum
SNMP
  • nmap
  • snmpcheck
  • onesixtyone
  • snmpwalk
SSH
  • hydra [AGGRESSIVE]
SQL
  • nmap
VNC
  • EyeWitness