48 Resources
Golang scan Libraries
🔎 scan the internet to find "private" proxies.
🔎 scan the internet to find "private" proxies. 🧠 HTTP/SOCKS4/SOCKS5 Proxies. 📌 Installation: - sudo apt-get install git zmap golang
Scan systems and docker images for potential spring4shell vulnerabilities.
Scan systems and docker images for potential spring4shell vulnerabilities. Will detect in-depth (layered archives jar/zip/tar/war and scans for vulnerable Spring4shell versions. Binaries for Windows, Linux and OsX, but can be build on each platform supported by supported Golang.
Vulnerability scanner for Spring4Shell (CVE-2022-22965)
go-scan-spring Vulnerability scanner to find Spring4Shell (CVE-2022-22965) vulnerabilities For more information: https://www.fracturelabs.com/posts/ef
Build & Scan - Container Image
BSImage (build&scan image) Requirements Trivy Docker BSImage (shell script version) Usage of build (shell script version) ./bsimage.sh start image:ta
A port scan and service weakpass brute tool build by golang.
A port scan and service weakpass brute tool build by golang.
Scan your project tree for tag comments.
TagSpot TagSpot is a small programm that scans a project tree for tag comments like TODO or FIXME (full list of supported tags). Usage From the comman
Scan for viruses by shelling out to clamav (streaming via stdin)
clamscan This is currently just an example program, but will eventually be a small library. ClamAV has functionality for performing a streaming scan o
Scan your pictures and videos for corruption, and sort them by EXIF or modification time
scanogram Scan your pictures and videos for corruption, and sort them by EXIF or modification time. Introduction This tool is a fast and lightweight s
A quick and dirty concurrent Golang-based port scanner
go-scan-ports A quick and dirty concurrent Golang-based port scanner, this will scan ports 1 through 1024 Usage: Requires 1 command line argument of U
Auto scan log4j bug with excel of server list
Log4JCheck Auto scan log4j bug with excel of server list. Please read https://ww
Log4j-scanner tools - Support for multiple scan method
Log4j-scanner URL mode (fuzzing url with header, payload) go run . url -h Usage
log4jScanner: provides you with the ability to scan internal (only) subnets for vulnerable log4j web servicelog4jScanner: provides you with the ability to scan internal (only) subnets for vulnerable log4j web service
log4jScanner Goals This tool provides you with the ability to scan internal (only) subnets for vulnerable log4j web services. It will attempt to send
Use grype to do Docker layer scanning on various AWS ECR repositories
grype-scan-aws-ecr Use https://github.com/anchore/grype/ to do Docker layer scanning on various AWS ECR repositories. kubectl get pods -o custom-colum
Scan all AWS EC2 instances in a region for potentially vulnerable log4j versions
ec2-log4j-scan Scan all AWS EC2 instances in a region for potentially vulnerable log4j versions. This is a clumsy but effective tool which takes outpu
Git watchdog will scan your public repository and find out the vulnerabilities
Dependencies Docker Go 1.17 MySQL 8.0.25 Bootstrap Run chmod +x start.sh if start.sh script does not have privileged to run Run ./start.sh --bootstrap
Gitscanner is used to perform a variety of security checks against Git repositories and is expandable. Feel free to add your own checks.
Git Repository security checker This is a fast Go implementation to check Git repositories (local or remote) for some common security issues. It relie
Use golang.org/x/vuln to scan your dependencies
vulnz - Use golang.org/x/vuln to scan your dependencies vulnz uses golang.org/x/vuln to scan the dependencies in your go.mod. Install go install githu
Zscan a scan blasting tool set
Zscan a scan blasting tool set 简介 Zscan是一个开源的内网端口扫描器、爆破工具和其他实用工具的集合体。以主机发现和端口扫描为基础,可以对mysql、mssql、redis、mongo、postgres、ftp、ssh等服务进行爆破,还有其他netbios、smb、
Some Golang types based on builtin. Implements interfaces Value / Scan and MarshalJSON / UnmarshalJSON for simple working with database NULL-values and Base64 encoding / decoding.
gotypes Some simple types based on builtin Golang types that implement interfaces for working with DB (Scan / Value) and JSON (Marshal / Unmarshal). N
A go Library for scan database/sql rows to struct、slice、other types. And it support multiple databases connection management
ploto A go Library for scan database/sql rows to struct、slice、other types. And it support multiple databases connection management It's not an ORM. wo
IRC bot for launch ddos attack, Mainly of scan target are IoT device that run linux and open default SSH port
This is my first IRC bot for launch ddos attack, Mainly of scan target are IoT device that run linux and open default SSH port, This bot is write on Go language. For education purpose only. Please test it in your lab. And i create this for join university in the future not for attack anyone server with out any permission!!!
IRC bot for launch ddos attack, Mainly of scan target are IoT device that run linux and open default SSH port
IRC bot for launch ddos attack, Mainly of scan target are IoT device that run linux and open default SSH port
Fast scan for redtools
scaninfo by 华东360安服团队 注意的点 漏洞扫描的时候有时候最后几个任务会卡住,是因为ftp爆破模块,这个fscan也一样目前没有好的解决办法,后续更新.先阶段可以-eq 21跳过ftp,或者control+c 主动停止不影响结果保存。 有时候扫外网的全端口会漏掉端口可以使用-n 指定
Go network scan tool.
gns Go network scan tool. Version: v0.6.0 Usage: gns [Options] IP or domain eg: gns -r 22-8080 -s 300 localhost Options: -a All ports, 1-6553
WIP. Converts Azure Container Scan Action output to SARIF, for an easier integration with GitHub Code Scanning
container-scan-to-sarif container-scan-to-sarif converts Azure Container Scan Action output to Static Analysis Results Interchange Format (SARIF), for
Bee is a tool to scan ports by TCP and UDP protocols
Bee - Port scan tool 🐝 Bee is a tool to scan ports by TCP and UDP protocols Building from Source Code First, we compile the source code with the ligh
Subdomain scanner, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
ksubdomain是一款基于无状态的子域名爆破工具,类似无状态端口扫描,支持在Windows/Linux/Mac上进行快速的DNS爆破,在Mac和Windows上理论最大发包速度在30w/s,linux上为160w/s。 hacking8信息流的src资产收集 https://i.hacking8
Carbon Black Harbor Adapter is a scanner to scan images in Harbor Registry with the help of Carbon Black Cloud.
carbon-black-adapter-for-harbor Overview Carbon Black adapter for Harbor integrates your Harbor Registry with the Carbon Black Cloud. It leverages Har
Akuma Scan comes with the purpose of scanning/detecting WAF (Web Application Firewall) on a certain website. Made to be easy, accurate and agile.
.m. ,_ ' ;M; ,;m ` ;M;.
Act as part of the business code and will report aqua scan report after application installed
starboard-report This repo aim to enrich the functionality of starboard. Starboard integrates security tools into the Kubernetes environment, so that
Open Source runtime scanner for OpenShift cluster and perform security audit checks based on CIS RedHat OpenShift Benchmark specification
OpenShift-Ordeal Scan your Openshift cluster !! OpenShift-Ordeal is an open source audit scanner who perform audit check on OpenShift Cluster and outp
A API scanner written in GOLANG to scan files recursively and look for API keys and IDs.
GO FIND APIS _____ ____ ______ _____ _ _ _____ _____ _____ _____ / ____|/ __ \ | ____|_ _| \ | | __ \ /\ | __ \_
Scan Fastjson Use Golang Only
SuperFastjsonScan 该工具仅是Demo版,并不完善,给各位提供一个思路 参考工具:https://github.com/EmYiQing/XiuScan/ 该工具的核心是:不搭建JNDI Server或LDAP Server,也不用Dnslog平台,即可进行无回显Java反序列化漏洞
🌀 Dismap - Asset discovery and identification tool
🌀 Dismap - Asset discovery and identification tool [English readme Click Me] Dismap 定位是一个资产发现和识别工具;其特色功能在于快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑
DorkScout - Golang tool to automate google dork scan against the entiere internet or specific targets
dorkscout dokrscout is a tool to automate the finding of vulnerable applications or secret files around the internet throught google searches, dorksco
Tool to scan a container image's rootfs
image-rootfs-scanner A tool to pull and scan the rootfs of any container image for different binaries. It started out as a means of finding "restricte
MQTT安全测试工具 (MQTT Security Tools)
███╗ ███╗ ██████╗ ████████╗████████╗███████╗ ████╗ ████║██╔═══██╗╚══██╔══╝╚══██╔══╝██╔════╝ ██╔████╔██║██║ ██║ ██║ ██║ ███████╗ ██║╚██╔╝█
Scan database/sql rows directly to structs, slices, and primitive types
Scan Scan standard lib database rows directly to structs or slices. For the most comprehensive and up-to-date docs see the godoc Examples Multiple Row
Take a list of domains and scan for endpoints, secrets, api keys, file extensions, tokens and more...
Take a list of domains and scan for endpoints, secrets, api keys, file extensions, tokens and more... Coded with 💙 by edoardottt. Share on Twitter! P
Cloud governance reports from native services in a clear and readable digest
cloudig, or Cloudigest, is a simple CLI tool for creating reports from various cloud sources with user-provided comments. It is written in Go and curr
Simple pgx wrapper to execute and scan query results
pig Simple pgx wrapper to execute and scan query results. Features All-in-one tool; Simple transactions management: You can set idle_in_transaction_se
:vulcan_salute: Fast, modern, easy-to-use network scanner
sx is the command-line network scanner designed to follow the UNIX philosophy. The goal of this project is to create the fastest network scanner with
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple to
Scan and analyze OSS dependencies and licenses from compiled Go binaries
golicense - Go Binary OSS License Scanner golicense is a tool that scans compiled Go binaries and can output all the dependencies, their versions, and
A fast tool to scan CRLF vulnerability written in Go
CRLFuzz A fast tool to scan CRLF vulnerability written in Go Resources Installation from Binary from Source from GitHub Usage Basic Usage Flags Target
A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).
proxylogscan This tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and imperson
Wprecon, is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go.
WPrecon (Wordpress Recon) Hello! Welcome. Wprecon (Wordpress Recon), is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go. Featu
rxscan provides functionality to scan text to variables using regular expression capture group.
rxscan rxscan provides functionality to scan text to variables using regular expression capture group. This library is still experimental, use at your