Goby: Attack surface mapping
Automatically detect the existing IP in current cyberspace;
Cover nearly 300 mainstream ports and support port grouping for different scenarios to ensure the most efficient outputs ;
Preset more than 200 protocol identification engines, covering network protocol, database protocol, IoT protocol, ICS protocol, etc., which could analyze protocol information corresponding to the port quickly through the very light transmission.
Preset more than 100,000 rule identification engines to automatically identify and classify hardware equipment and software business systems, and comprehensively analyze the business systems that exist in the network.
Support important information needed for website penetration: including IP, port, server, title, etc:
Preset the most attacking vulnerability engines, covering the most serious vulnerabilities such as Weblogic and Tomcat.
Website screenshots on the server can be obtained and more screenshots can be seen on the detail page.
Support root domain and subdomain scanning, and support automatic crawling of subdomains.
Vulnerability scanning is more flexible;
A brute-force attack is easier;