Forked from https://github.com/marco-lancini/goscan/
Simple setup instructions for building from source files, without using Docker. For those who are very new: first, make sure Git, GCC, make and dep are installed.
$ sudo apt install git
GCC requires more complex commands
$ sudo apt-get install gcc
It may be necessary to run
$ sudo apt-get update
Install make
$ sudo apt install make
Install dep
$ sudo apt-get install go-dep
It may be necessary to run again
$ sudo apt-get update
Go version used: Version 1.16.14
$ wget https://dl.google.com/go/go1.16.14.linux-amd64.tar.gz
Unzip
$ sudo tar -C /usr/local/ -xzf go1.16.14.linux-amd64.tar.gz
Edit profile
$ nano $HOME/.profile
Add line to end of file
export PATH=$PATH:/usr/local/go/bin
Run profile to set environment variables
$ source $HOME/.profile
Go files need to be in folder structure go/src
$ cd ~
$ mkdir go
$ cd go
$ mkdir src
$ cd src
Clone the repository
$ git clone https://github.com/thelouiselawrence/goscan.git
Navigate into the folder
$ cd goscan/goscan
Set up project
$ go get golang.org/x/lint/golint
$ go get golang.org/x/tools/cmd/goimports
$ dep ensure
Initialize the project
$ go mod init goscan
$ go mod tidy
Build the project
$ go build ./
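The steps above unpack the downloaded Go tarball into /usr/local with sudo without checking it first. The following is an added example, not part of the original README or the GoScan project: a shell helper that extracts the archive only after its SHA-256 matches the digest published on https://go.dev/dl/. The function names are assumptions made for this example, and the digest in the usage comment is a placeholder.

```bash
#!/usr/bin/env bash
# Added example (not from the GoScan repository): check a downloaded archive
# against a published SHA-256 digest before extracting it as root.

# Print the lowercase hex SHA-256 of FILE, using whichever tool is installed.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_archive FILE EXPECTED_SHA256
# Returns 0 on match, 1 on mismatch, 2 on a missing file or malformed digest.
verify_archive() {
    local file expected actual
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    case "$expected" in
        ''|*[!0-9a-f]*) echo "expected digest is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "expected digest is not 64 hex chars" >&2; return 2; }
    actual=$(sha256_of "$file")
    if [ "$actual" != "$expected" ]; then
        echo "SHA-256 mismatch for $file (got $actual)" >&2
        return 1
    fi
}

# install_go_verified TARBALL EXPECTED_SHA256 [DEST]
# Extracts only after the digest matches and no entry is absolute or uses "..".
install_go_verified() {
    local tarball expected dest
    tarball=$1; expected=$2; dest=${3:-/usr/local}
    verify_archive "$tarball" "$expected" || return $?
    if tar -tzf "$tarball" | grep -Eq '(^/|(^|/)\.\.(/|$))'; then
        echo "archive contains an unsafe path, not extracting" >&2
        return 3
    fi
    tar -C "$dest" -xzf "$tarball"
}

# Usage (run as root for /usr/local; the digest below is a placeholder):
#   install_go_verified go1.16.14.linux-amd64.tar.gz "<sha256 from go.dev/dl>"
```

The same `verify_archive` check applies to the release zip files further down, provided a trusted digest for them is available.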
ORIGINAL README
GoScan is an interactive network scanner client, featuring auto-completion, which provides abstraction and automation over nmap.
Although it started as a small side-project I developed in order to learn @golang, GoScan can now be used to perform host discovery, port scanning, and service enumeration not only in situations where being stealthy is not a priority and time is limited (think of CTFs, OSCP, exams, etc.), but also (with a few tweaks in its configuration) during professional engagements.
GoScan is also particularly suited for unstable environments (think unreliable network connectivity, lack of "screen", etc.), given that it fires scans and maintains their state in an SQLite database. Scans run in the background (detached from the main thread), so even if connection to the box running GoScan is lost, results can be uploaded asynchronously (more on this below). That is, data can be imported into GoScan at different stages of the process, without the need to restart the entire process from scratch if something goes wrong.
In addition, the Service Enumeration phase integrates a collection of other tools (e.g., EyeWitness, Hydra, nikto, etc.), each one tailored to target a specific service.
Binaries are available from the Release page.
# Linux (64bit)
$ wget https://github.com/marco-lancini/goscan/releases/download/v2.4/goscan_2.4_linux_amd64.zip
$ unzip goscan_2.4_linux_amd64.zip
# Linux (32bit)
$ wget https://github.com/marco-lancini/goscan/releases/download/v2.4/goscan_2.4_linux_386.zip
$ unzip goscan_2.4_linux_386.zip
# After that, place the executable in your PATH
$ chmod +x goscan
$ sudo mv ./goscan /usr/local/bin/goscan
# Clone and spin up the project
$ git clone https://github.com/marco-lancini/goscan.git
$ cd goscan/
$ docker-compose up --build
$ docker-compose run cli /bin/bash
# Initialize DEP
root@cli:/go/src/github.com/marco-lancini/goscan $ make init
root@cli:/go/src/github.com/marco-lancini/goscan $ make setup
# Build
root@cli:/go/src/github.com/marco-lancini/goscan $ make build
# To create a multi-platform binary, use the cross command via make
root@cli:/go/src/github.com/marco-lancini/goscan $ make cross
GoScan supports all the main steps of network enumeration:
Step | Commands |
---|---|
1. Load targets | |
2. Host Discovery | |
3. Port Scanning | |
4. Service Enumeration | |
5. Special Scans | |
Utils | |
The Service Enumeration phase currently supports the following integrations:
WHAT | INTEGRATION |
---|---|
ARP | |
DNS | |
FINGER | |
FTP | |
HTTP | |
RDP | |
SMB | |
SMTP | |
SNMP | |
SSH | |
SQL | |
VNC | |
GoScan is released under an MIT License. See the LICENSE file for full details.