Goby Beta1.8.239 releases: Attack surface mapping
Automatically detect the IPs that exist in the current cyberspace;
Cover nearly 300 mainstream ports and support port grouping for different scenarios to ensure the most efficient output;
Preset more than 200 protocol identification engines, covering network protocols, database protocols, IoT protocols, ICS protocols, etc., which quickly analyze the protocol information for each port using very lightweight transmission.
Preset more than 100,000 rule identification engines to automatically identify and classify hardware equipment and software business systems, and comprehensively analyze the business systems that exist in the network.
Provide the important information needed for website penetration, including IP, port, server, title, etc.;
Preset engines for the most attack-relevant vulnerabilities, covering the most serious ones, such as those in Weblogic and Tomcat.
Website screenshots on the server can be obtained and more screenshots can be seen on the detail page.
Support root domain and subdomain scanning, and support automatic crawling of subdomains.
Vulnerability scanning is more flexible;
A brute-force attack is easier;
• A total of 44 new vulnerabilities: Weblogic Server RCE (CVE-2021-2109), Apache Flink Upload (CVE-2020-17518), lanproxy Directory Traversal (CVE-2021-3019), Ruijie EG RCE, Apache Druid RCE (CVE-2021-25646), etc.;
• Add IP library: flip chart combat! Through the root domain, quickly define a target network asset map;
• Add ICON mapping function: support query rules to search current task assets, such as query ip, port, app, protocol, title, etc;
• New server management: support for adding multiple remote servers, and support for server management;
• Add support for Windows 32-bit, MIPS and ARM versions: currently limited to command-line startup; the startup method is the same as on Windows 64-bit, run goby-cmd:
./goby-cmd -apiauth user:pass -mode api -bind 0.0.0.0:8361
• New protocols: asterisk, barracuda-bcp, beacon ccnet, ceph, daap, firebird, nomachine-nx, remoting, rtmp, stun, svrloc, varnish-cli, etc.;
• New extensions: weak password dictionary (DictionaryConfig), scheduled task function (Task Queue), etc.;
• Support specifying multiple PoCs for scanning;
• Fix online upgrade issues;
• Optimize the coding display of exploits;
• Fix some mistakes in PoCs;
• Fix the issue of white screen caused by Chinese themes;
• Fix the problem that website screenshots cannot be displayed;
• Optimize interactions for some frequently used functions that were hidden deep in the interface;