marco-lancini / goscan Goto Github PK

View Code? Open in Web Editor NEW

991.0 34.0 142.0 14.46 MB

Interactive Network Scanner

License: MIT License

Makefile 1.23% Go 97.24% Shell 1.17% Dockerfile 0.36%

golang pentesting nmap docker

goscan's Introduction

💼 I am a Principal Security Engineer with experience building security functions at Fortune500, pre-IPO companies, and exponential growth startups. Currently, I own efforts to secure GitLab's SaaS cloud infrastructure and container technologies.
✍🏻 I curate CloudSecList, a newsletter that keeps thousands of security professionals informed about current happenings and news related to the security of cloud-native technologies, and CloudSecDocs, a website collecting and sharing my technical notes and knowledge on cloud-native technologies, security, technical leadership, and engineering culture.
📚 I blog about cloud security, strategy, and technical leadership, and I'm writing The CloudSec Engineer, a book on how to enter, establish yourself, and thrive in the cloud security industry as an individual contributor.
🔑 I also run a boutique security advisory firm, and I am an advisor and angel investor of a few early-stage startups.
🛡 I am a member of the AWS Community Builders program, part of the committee tasked with creating the Certified Kubernetes Security Specialist (CKS) Certification, and a mentor in the Lead the Future program, a non-profit that helps young Italian talents pursue a career in the STEM field.
💬 You can find additional information about me at: marcolancini.it

How to Reach Me

Tech Stack

Certifications

Accolades

👉 Subscribe to CloudSecList

goscan's People

Contributors

Stargazers

Watchers

Forkers

wood520 gavz oksbsb marciopocebon ecore2018 xiaolushuo shad0w008 secoba neo-chang slowmistio rajivraj bobtux johndoex1 cmscardoso fuckgitb 957204459 koalacxr whoerau xushuda526 cybertoxin s0x06 bronx205 bladeism kweros xiaohlu05 superdong0 testtz ztencmcp kumaran-git qsdj djbdjb madwind76 b-xiang vysecurity huangyuan666 1337g bbhunter p41bl4f killvxk mlynchcogent seabreg 0x43f themiddleblue waterpeitw modulexcite canthus verlegen inboxs sakishum chennqqi fzpixzj90h7baqieoop5hg soxueren 5up3rc w1ck3dth1ngs akshayjaing edgardo001 a7t0fwa7 ubuntulover09 madmanlabs macdaliot yannjun rulzgz backwardn crackercat attackgithub shammishailaj dennyx dawnadvent io-go-scripz caiql silent-dust sh1nu11bi yuhisern7 triplekill pencoo xiaoshen2017 freeide jirotao deepwebhacker awesome-security isgasho fdlucifer 5l1v3r1 sserf alessiodallapiazza dzhan85 raystyle underwood12 kenuoseclab homingzheng r4b3rt thapr0digy echocipher rajkrishnamurthy the-shelter offsec1 pbutler6163 alessio polling-repo-continua latkes

goscan's Issues

Broken links

Makefile (line 15)
go get github.com/golang/lint/golint
should be:
go get golang.org/x/lint/golint
The old link returns 404

All go files with imports pointing to
https://github.com/marco-lancini/goscan/core
need to be updated to
https://github.com/marco-lancini/goscan/goscan/core
The old links don't download any packages, as it says they are empty.

I forked the repo and tested on my Github account, to see if getting all the packages worked. It did work.

OS system: Ubuntu 20.04.4 LTS
Go version: 1.16.14

MULTI load

when trying to load a text file with IPs it crashes on Kali
`[goscan] > load target MULTI re
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0x740884]

goroutine 1 [running]:
github.com/marco-lancini/goscan/core/cli.cmdLoad(0xc420160210, 0x3, 0x3, 0x4)
/go/src/github.com/marco-lancini/goscan/core/cli/executor.go:137 +0x114
github.com/marco-lancini/goscan/core/cli.Executor(0xc420096ce0, 0x14)
/go/src/github.com/marco-lancini/goscan/core/cli/executor.go:23 +0x14e
github.com/marco-lancini/goscan/vendor/github.com/c-bata/go-prompt.(*Prompt).Run(0xc420255c20)
/go/src/github.com/marco-lancini/goscan/vendor/github.com/c-bata/go-prompt/prompt.go:77 +0x688
main.main()
/go/src/github.com/marco-lancini/goscan/main.go:67 +0xee`

Rate limit port scan?

Hello, is there a switch that I can use to rate limit the number of concurrent scans that are done with the portscan flag? I've loaded some 7 thousand IPs and its crashing every machine I run it from. I've tried multiple times running this from screen on my droplet and I can't get the scan to finish. I also am not recording any data it seems so even if it made it part way into the scan its not recording anything for me.

Add multi-arch release

Since Go allows cross-compilation it would be great to generate releases for the main operating systems.

runtime error: index out of range due to incomplete command

Hi Marco,

goscan looks very promising to me. Thank you for your development effort and publishing it as open source. 😃

I downloaded and use v.2.4 on a kali 2020.1 box and can provoke a crash using a incomplete command, just by leaving out the IP/target:

[goscan] > load target SINGLE
panic: runtime error: index out of range

goroutine 1 [running]:
github.com/marco-lancini/goscan/core/utils.ParseNextArg(...)
	/go/src/github.com/marco-lancini/goscan/core/utils/utils.go:116
github.com/marco-lancini/goscan/core/cli.cmdLoad(0xc420076760, 0x2, 0x2, 0x4)
	/go/src/github.com/marco-lancini/goscan/core/cli/executor.go:115 +0x764
github.com/marco-lancini/goscan/core/cli.Executor(0xc42025cce0, 0x12)
	/go/src/github.com/marco-lancini/goscan/core/cli/executor.go:23 +0x14e
github.com/marco-lancini/goscan/vendor/github.com/c-bata/go-prompt.(*Prompt).Run(0xc4200622a0)
	/go/src/github.com/marco-lancini/goscan/vendor/github.com/c-bata/go-prompt/prompt.go:77 +0x688
main.main()
	/go/src/github.com/marco-lancini/goscan/main.go:67 +0xee

I would expect an error message and no crash.
I can reproduce this crash.

Is this project abandoned?

Cross compilation doesn't work on macosx.

Dep is deprecated and archived in favor of go modules.

This project is actually not working (binary - executable) or compiling on go version go 1.16.3 darwin/amd64.

The biggest problems, requiring mod files (not as important as some think if you are compiling or running locally - compile and write your code in a way that it doesn't burden the end user - make this an option or remove), remove DEP, make all the fancy imports of the terminal colors and memory optional. This is killing it moving forward - unless you want people to use an old system just to get things to work.

Build Error

root@kali:~/Desktop/goscan/goscan# make setup
go get github.com/golang/lint/golint
go get golang.org/x/tools/cmd/goimports
go get -u github.com/golang/dep/cmd/dep
dep ensure
could not find project Gopkg.toml, use dep init to initiate a manifest
make: *** [Makefile:13: setup] Error 1

Feature Request: OWASP Amass

OWASP Amass would make a nice addition to your DNS enumeration, especially since it is written in Go!

https://github.com/OWASP/Amass

removing IP from previous scan

I am testing Goscan, which I really like so far. I loaded one IP and ran through the process. But I can’t load another IP or remove the previous IP, it shows the first IP. I can’t clear either. Is there a way to remove an IP once you have completed the goscan for that IP? Because of this issue, I am only able to use goscan once.

Feature ideas

Love the tool so far, great for small one off scenarios.
Not sure the direction you want to go with this tool, but here's a couple ideas.

An option to remove targets, so you don't sweep invalid or incorrectly entered IP's
Have the tool validate if optional tools like Eyewitness, nikto etc are installed or not.
Option to point to existing install, and or option to install from within goscan.
I noticed that the application suggests you need to enter IP's in the format of x.x.x.x/32
However it accepts IP's in any form (including null/non-IP values) sanitize the inputs?

Add brew installation

It would be nice to see goscan on brew so the installation would be really easy for mac users.

Error - make setup

i got this error while setting up -

root@kali:~/goscan/goscan# make setup
go get github.com/golang/lint/golint
go get golang.org/x/tools/cmd/goimports
go get -u github.com/golang/dep/cmd/dep
dep ensure
could not find project Gopkg.toml, use dep init to initiate a manifest
make: *** [Makefile:13: setup] Error 1

when i tried second time - i got this error

root@kali:~/goscan/goscan# make setup
go get github.com/golang/lint/golint
go get golang.org/x/tools/cmd/goimports
go get -u github.com/golang/dep/cmd/dep

cd /root/go/src/github.com/golang/dep; git pull --ff-only

fatal: unable to access 'https://github.com/golang/dep/': Could not resolve host: github.com
package github.com/golang/dep/cmd/dep: exit status 1
make: *** [Makefile:12: setup] Error 1

Error while loading an entire class C addresses space

Hi,

Hi, thanks for your work.

Got an issue here where I tried to load an entire class C space addresses from a text file.

OS Used: Kali Linux

The format of that text file is:

192.10x.x.0
...
...
192.10x.x.255

The error message is:

[goscan] > load target MULTI targets.lst
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0x830adb7]

goroutine 1 [running]:
github.com/marco-lancini/goscan/core/cli.cmdLoad(0x1aa12028, 0x3, 0x3, 0x4)
	/go/src/github.com/marco-lancini/goscan/core/cli/executor.go:137 +0xe7
github.com/marco-lancini/goscan/core/cli.Executor(0x1aa681e0, 0x51)
	/go/src/github.com/marco-lancini/goscan/core/cli/executor.go:23 +0x113
github.com/marco-lancini/goscan/vendor/github.com/c-bata/go-prompt.(*Prompt).Run(0x1aa85da0)
	/go/src/github.com/marco-lancini/goscan/vendor/github.com/c-bata/go-prompt/prompt.go:77 +0x548
main.main()
	/go/src/github.com/marco-lancini/goscan/main.go:67 +0xd2

Any ideas? thanks!