gobysec / Goby
Attack surface mapping
Stars: ✭ 446
Projects that are alternatives of or similar to Goby
Evillimiter
Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+71.3%)
Mutual labels: networking, hacking, security-tools
Network Threats Taxonomy
Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies
Stars: ✭ 79 (-82.29%)
Mutual labels: networking, hacking, security-tools
Rustscan
🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+1069.96%)
Mutual labels: networking, hacking, security-tools
Osmedeus
Fully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+660.31%)
Mutual labels: hacking, security-tools
Dnxfirewall
dnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.
Stars: ✭ 174 (-60.99%)
Mutual labels: networking, security-tools
Cheatsheet God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+689.46%)
Mutual labels: hacking, security-tools
Taipan
Web application vulnerability scanner
Stars: ✭ 359 (-19.51%)
Mutual labels: hacking, security-tools
Cameradar
Cameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+522.2%)
Mutual labels: hacking, security-tools
W5
Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Stars: ✭ 367 (-17.71%)
Mutual labels: hacking, security-tools
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-14.35%)
Mutual labels: hacking, security-tools
Packetwhisper
PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-9.19%)
Mutual labels: hacking, security-tools
Ladon
大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+552.69%)
Mutual labels: hacking, security-tools
Blackhat Arsenal Tools
Official Black Hat Arsenal Security Tools Repository
Stars: ✭ 2,639 (+491.7%)
Mutual labels: hacking, security-tools
Appinfoscanner
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (-4.93%)
Mutual labels: hacking, security-tools
Hellraiser
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-7.4%)
Mutual labels: hacking, security-tools
Welcome to Goby
Goby是一款新的网络安全测试工具,它能够针对一个目标企业梳理最全的攻击面信息,同时能进行高效、实战化漏洞扫描,并快速的从一个验证入口点,切换到横向。我们希望能够输出更具生命力的工具,能够对标黑客的实际能力,帮助企业来有效地理解和应对网络攻击。
0x001 Demo
0x002 下载并安装
Goby下载地址 FAQ Goby目前是使用Go语言开发、采用Electron+VUE前端框架的绿色版本,支持windows/MacOS/Linux,无需安装。因Goby基于网络扫描,所以使用前,请先赋予goby识别网卡的权限。方式如下:
- Windows用户 下载Npcap数据捕获包,安装完成后,启动goby。
- MacOS用户 执行以下命令:
1. cd /dev
2. sudo chown $USER:admin bp*
0x003 预置数据说明
1. 规则库 超过10万种规则识别引擎,硬件覆盖范围:网络设备,物联网设备,网络安全产品,办公设备等,软件覆盖范围:CRM,CMS,EMAIL,OA系统等。 2. 协议 超过200种协议识别引擎,覆盖网络协议,数据库协议,IoT协议,ICS协议等。 3. 端口 除了常用端口,我们还根据安全实战场景进行了端口分组,包括企业、咖啡馆、酒店、机场、数据库、物联网、SCADA、ICS、后门检测等。 4. 漏洞及弱口令 覆盖Weblogic,Tomcat等最严重漏洞及超过1000种设备的预置账号信息。
- CVE-2020-2551
- CVE-2020-2555
- CVE-2020-1938
- CVE-2020-10189
- CVE-2020-11651
- CVE-2020-11710
- CVE-2020-7961
- CVE-2020-12116
- CVE-2019-10758
- CVE-2019-3799
- CVE-2019-19781
- CVE-2019-3948
- CVE-2018-1000861
- CVE-2018-7600
- CVE-2018-1297
- CVE-2018-13379
- CVE-2017-5638
- CVE-2017-5878
- CVE-2017-17215
- CVE-2017-1000353
- CVE-2016-4437
- CVE-2016-3088
- CVE-2013-2251
- CVE-2011-3556
- ThinkPHP2.1_RCE
- ThinkPHP5_RCE 持续更新中…
0x004 问题
有关Goby常见问题详情请参考 FAQ表:https://gobies.org/faq.html
0x005 Goby社区
提交问题报错需求建议等请先务必阅读提交问题行为准则
如有问题可以在 GitHub 提 issue, 也可在下方的讨论组里
- GitHub issue: https://github.com/gobysec/Goby/issues
- Telegram: http://t.me/gobies
- 微信群: 加我的个人微信chenrong-1013,会把大家拉到Goby官方微信群。(群内福利:提前1个月享受版本更新)
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].