goscan v2.3 releases: Interactive Network Scanner

GoScan

GoScan is an interactive network scanner client, featuring auto-complete, which provides abstraction and automation over nmap.

It can be used to perform host discovery, port scanning, and service enumeration in situations where being stealthy is not a priority, and time is limited (think of CTFs, OSCP, exams, etc.).

GoScan supports all the main steps of network enumeration:

  1. Host Discovery (ARP + ping sweep): sweep <TYPE> <TARGET>
  2. Port Scanning: portscan <TYPE> <TARGET>
  3. Service Enumeration: enumerate <TYPE> <POLITE/AGGRESSIVE> <TARGET>

Plus some more:

  1. DNS enumeration: dns <DISCOVERY/BRUTEFORCE/BRUTEFORCE_REVERSE> <DOMAIN> [<BASE_IP>]
  2. Domain enumeration (Extract windows domain information from enumeration data): domain <users/hosts/servers>

In addition, it has a few supporting commands:

  • Change the output folder (by default ~/goscan): set_output_folder <PATH>
  • Modify the default nmap switches: set_nmap_switches <SWEEP/TCP_FULL/TCP_STANDARD/TCP_VULN/UDP_STANDARD>
  • Modify the default wordlists: set_wordlists <FINGER_USER/FTP_USER/…>
  • Show live hosts: show hosts
  • Show detailed ports information: show ports
  • Reset the database: db reset

External Integrations

The Service Enumeration phase currently supports the following integrations:

WHATINTEGRATION
ARP
  • nmap
  • netdiscover
DNS
  • nmap
  • dnsrecon
  • dnsenum
  • host
FINGER
  • nmap
  • finger-user-enum
FTP
  • nmap
  • ftp-user-enum
  • hydra
HTTP
  • nmap
  • nikto
  • dirb
  • sqlmap
  • fimap
RDP
  • nmap
SMB
  • nmap
  • enum4linux
  • nbtscan
  • samrdump
SMTP
  • nmap
  • smtp-user-enum
SNMP
  • nmap
  • snmpcheck
  • onesixtyone
  • snmpwalk
SSH
  • hydra
SQL
  • nmap

Changelog v2.3

Added

  • Support to automatically configure settings by loading a configuration file

Fixed

  • Nmap output file names when running concurrently on all targets

Download

Use

Copyright (c) 2018 Marco Lancini

Source: https://github.com/marco-lancini/

Share