Scan for sensitive information easily and effectively.

The project is based on go with vue to build a management system for sensitive information detection. This is the total fresh version, you can refer the old version here. For the full introduction of the new version, please refer here.

• Support multi platform, including Gitlab, Github, Searchcode
• Flexible menu and API permission setting
• Flexible rules and filter rules
• Utilize gobuster to brute force subdomain
• Easily used management system

For the deployment, it's suggested to install nginx. Place the dist folder under html, modify the nginx.conf to reverse proxy the backend service. I have also made a video for the deployment in bilibili and youtube. For the deploment in windows, refer here.

location /api/ {
proxy_set_header Host $http_host;
proxy_set_header  X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
rewrite ^/api/(.*)$ /$1 break;
proxy_pass http://127.0.0.1:8888;
}

The deployment work is very easy. Find the corresponding binary zip file from releases. Unzip and run. Remember to copy the files inside dist to html folder of nginx.

./gshark web

./gshark scan

git clone https://github.com/madneal/gshark.git

cd server

go mod tidy

mv config-temp.yaml config.yaml

go build

./gshark web

If you want to set up the scan service, please run:

./gshark scan

cd ../web

npm install

npm run serve

USAGE:
   gshark [global options] command [command options] [arguments...]

COMMANDS:
     web      Startup a web Service
     scan     Start to scan github leak info
     help, h  Show a list of commands or help for one command

GLOBAL OPTIONS:
   --debug, -d             Debug Mode
   --host value, -H value  web listen address (default: "0.0.0.0")
   --port value, -p value  web listen port (default: 8000)
   --time value, -t value  scan interval(second) (default: 900)
   --help, -h              show help
   --version, -v           print the version

To execute ./gshark scan, you need to add a Github token for crawl information in github. You can generate a token in tokens. Most access scopes are enough. For Gitlab search, remember to add token too.

1. Default username and password to login

gshark/gshark

2. Database initial failed

make sure the version of mysql is over 5.6. And remove the databse before initial the second time.

3. go get ./... connection error

It's suggested to enable goproxy(refer this article for golang upgrade):

go env -w GOPROXY=https://goproxy.cn,direct
go env -w GO111MODULE=on

• gin-vue-admin

If you would like to join wechat group, you can add my wechat mmadneal with the message gshark.

Apache License 2.0

GShark 是 404Team 星链计划2.0中的一环，如果对 GShark 有任何疑问又或是想要找小伙伴交流，可以参考星链计划的加群方式。

• https://github.com/knownsec/404StarLink2.0-Galaxy#community