Goscan - Interactive Network Scanner


GoScan is an interactive network scanner client, featuring auto-completion, which provides abstraction and automation over nmap.
Although it started as a small side-project I developed in order to learn @golang, GoScan can now be used to perform host discovery, port scanning, and service enumeration not only in situations where being stealthy is not a priority and time is limited (think CTFs, OSCP, exams, etc.), but also (with a few tweaks to its configuration) during professional engagements.

GoScan is also particularly suited for unstable environments (think unreliable network connectivity, lack of "screen", etc.), given that it fires scans and keeps their state in an SQLite database. Scans run in the background (detached from the main thread), so even if the connection to the box running GoScan is lost, results can be uploaded asynchronously (more on this below). That is, data can be imported into GoScan at different stages of the process, without the need to restart the entire procedure from scratch if something goes wrong.
In addition, the Service Enumeration phase integrates a collection of other tools (e.g., EyeWitness, Hydra, nikto, etc.), each one tailored to target a specific service.


Installation

Binary installation (Recommended)
Binaries are available from the Release page.
# Linux (64bit)
$ wget https://github.com/marco-lancini/goscan/releases/download/v2.3/goscan_2.3_linux_amd64.zip
$ unzip goscan_2.3_linux_amd64.zip

# Linux (32bit)
$ wget https://github.com/marco-lancini/goscan/releases/download/v2.3/goscan_2.3_linux_386.zip
$ unzip goscan_2.3_linux_386.zip

# After that, place the executable in your PATH
$ chmod +x goscan
$ sudo mv ./goscan /usr/local/bin/goscan

Build from source
$ git clone https://github.com/marco-lancini/goscan.git
$ cd goscan/goscan/
$ make setup
$ make build
To create a multi-platform binary, use the cross command via make:
$ make cross

Docker
$ git clone https://github.com/marco-lancini/goscan.git
$ cd goscan/
$ docker-compose up --build

Usage
GoScan supports all the primary steps of network enumeration:



Step Commands
1. Load targets
  • Add a single target via the CLI (must be a valid CIDR): load target SINGLE
  • Upload multiple targets from a text file or folder: load target MULTI
2. Host Discovery
  • Perform a Ping Sweep: sweep
  • Or load results from a previous discovery:
    • Add a single alive host via the CLI (must be a /32): load alive SINGLE
    • Upload multiple alive hosts from a text file or folder: load alive MULTI
3. Port Scanning
  • Perform a port scan: portscan
  • Or upload nmap results from XML files or folder: load portscan
4. Service Enumeration
  • Dry Run (only show the commands, without executing them): enumerate DRY
  • Perform enumeration of detected services: enumerate
5. Special Scans
  • EyeWitness
    • Take screenshots of websites, RDP services, and open VNC servers (KALI ONLY): special eyewitness
    • EyeWitness.py needs to be in the system path
  • Extract (Windows) domain information from enumeration data
    • special domain
  • DNS
    • Enumerate DNS (nmap, dnsrecon, dnsenum): special dns DISCOVERY
    • Bruteforce DNS: special dns BRUTEFORCE
    • Reverse Bruteforce DNS: special dns BRUTEFORCE_REVERSE
Utils
  • Show results: show
  • Automatically configure settings by loading a config file: set config_file
  • Change the output folder (by default /goscan): set output_folder
  • Modify the default nmap switches: set nmap_switches
  • Modify the default wordlists: set_wordlists
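Everything GoScan holds after the Port Scanning step comes from nmap's XML report, whether GoScan ran nmap itself or the files were handed to it with load portscan. The program below is an added example, not GoScan's own code: a stand-alone Go importer that pulls the alive-host list and the open ports (with the service nmap identified) out of an nmap -oX report, discarding down hosts and ports that are not "open" the way any importer feeding an enumeration step must. The embedded report is constructed for the example, not real scan output; the type and function names are the example's own and are not GoScan identifiers.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"net"
	"sort"
)

// Minimal view of an nmap XML report (nmap -oX): only the elements needed to
// recover alive hosts and open ports are declared; encoding/xml skips the rest.
type nmapRun struct {
	XMLName xml.Name   `xml:"nmaprun"`
	Hosts   []nmapHost `xml:"host"`
}

type nmapHost struct {
	Status    struct{ State string `xml:"state,attr"` } `xml:"status"`
	Addresses []struct {
		Addr     string `xml:"addr,attr"`
		AddrType string `xml:"addrtype,attr"`
	} `xml:"address"`
	Ports []struct {
		Protocol string `xml:"protocol,attr"`
		PortID   int    `xml:"portid,attr"`
		State    struct{ State string `xml:"state,attr"` } `xml:"state"`
		Service  struct {
			Name    string `xml:"name,attr"`
			Product string `xml:"product,attr"`
			Version string `xml:"version,attr"`
		} `xml:"service"`
	} `xml:"ports>port"`
}

// OpenPort is the unit an enumeration step acts on: one open port and its service.
type OpenPort struct {
	Proto, Service, Product, Version string
	Port                             int
}

// ParseNmapXML returns the open ports of every host nmap reported as up, keyed by
// IPv4 address, so the key set doubles as the alive-host list. Down hosts, hosts
// without a usable IPv4 address and ports whose state is not "open" are dropped.
func ParseNmapXML(data []byte) (map[string][]OpenPort, error) {
	var run nmapRun
	if err := xml.Unmarshal(data, &run); err != nil {
		return nil, fmt.Errorf("parsing nmap xml: %w", err)
	}
	hosts := make(map[string][]OpenPort)
	for _, h := range run.Hosts {
		if h.Status.State != "up" {
			continue
		}
		var ip string
		for _, a := range h.Addresses { // a host may also carry a mac address entry
			if a.AddrType == "ipv4" && net.ParseIP(a.Addr) != nil {
				ip = a.Addr
				break
			}
		}
		if ip == "" {
			continue
		}
		ports := []OpenPort{} // an up host with nothing open is still kept as alive
		for _, p := range h.Ports {
			if p.State.State == "open" {
				ports = append(ports, OpenPort{Proto: p.Protocol, Port: p.PortID, Service: p.Service.Name,
					Product: p.Service.Product, Version: p.Service.Version})
			}
		}
		sort.Slice(ports, func(i, j int) bool { return ports[i].Port < ports[j].Port })
		hosts[ip] = ports
	}
	return hosts, nil
}

// Constructed sample report, not real scan output (192.0.2.0/24 is documentation space).
const sampleNmapXML = `<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -oX scan.xml 192.0.2.8/29">
<host><status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="80"><state state="open"/><service name="http" product="nginx"/></port>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="7.9p1"/></port>
<port protocol="tcp" portid="445"><state state="filtered"/><service name="microsoft-ds"/></port>
</ports></host>
<host><status state="down"/><address addr="192.0.2.11" addrtype="ipv4"/></host>
<host><status state="up"/><address addr="00:11:22:33:44:55" addrtype="mac"/><address addr="192.0.2.12" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="3389"><state state="open"/><service name="ms-wbt-server"/></port>
<port protocol="udp" portid="161"><state state="open"/><service name="snmp"/></port>
</ports></host></nmaprun>`

func main() {
	hosts, err := ParseNmapXML([]byte(sampleNmapXML))
	if err != nil {
		panic(err)
	}
	for ip, ports := range hosts {
		fmt.Printf("%s alive, open ports: %+v\n", ip, ports)
	}
}
```

Filtered and closed ports are left out on purpose: enumerating them wastes time and generates noise on the target, which is exactly what a resumable, database-backed workflow is meant to avoid. A truncated report (for instance one cut off when the connection to the scanning box dropped) fails to parse rather than being imported half-complete, so the state loaded into the database is either a full scan or nothing.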

External Integrations
The Service Enumeration phase currently supports the following integrations. Those marked [AGGRESSIVE] (credential brute-forcing with hydra, injection testing with sqlmap and fimap) are noisy and can disrupt the target, so review what would be launched with enumerate DRY before running them outside a lab or CTF setting:
WHAT INTEGRATION
ARP
  • nmap
DNS
  • nmap
  • dnsrecon
  • dnsenum
  • host
FINGER
  • nmap
  • finger-user-enum
FTP
  • nmap
  • ftp-user-enum
  • hydra [AGGRESSIVE]
HTTP
  • nmap
  • nikto
  • dirb
  • EyeWitness
  • sqlmap [AGGRESSIVE]
  • fimap [AGGRESSIVE]
RDP
  • nmap
  • EyeWitness
SMB
  • nmap
  • enum4linux
  • nbtscan
  • samrdump
SMTP
  • nmap
  • smtp-user-enum
SNMP
  • nmap
  • snmpcheck
  • onesixtyone
  • snmpwalk
SSH
  • hydra [AGGRESSIVE]
SQL
  • nmap
VNC
  • EyeWitness