├── Feedback.md ├── README.md └── img ├── 1.gif ├── bannerTop.png ├── delete.png ├── develop.gif ├── ex-es.gif ├── ex-export.gif ├── ex-fofa.gif ├── ex-http.gif ├── ex-msf.gif ├── fofa-html.png ├── hello.gif ├── helloMod.gif ├── init.gif ├── ip-detail.jpg ├── m1.png ├── m2.png ├── moreOptions.png ├── moreOptions1.png ├── moreOptions2.png ├── publish.gif ├── register.png ├── scan-dia.jpg ├── scanDia.png ├── setting.png ├── shell_manager_demo.gif ├── unzip.gif ├── vulList.png ├── vulList1.png ├── vulList2.png ├── vulList3.png └── zip.gif /Feedback.md: -------------------------------------------------------------------------------- 1 | # Issue feedback guidelines 2 | 3 | Feedback channel is [here](https://github.com/Gobysec/Goby/issues). When giving feedback, you need to indicate your `current system type` and `Goby version`. 4 | You can also try to use the following resources to solve your problem: 5 | 6 | - Find the solution in the FAQ table: https://gobies.org/faq.html 7 | - Watch the video tutorial: https://gobies.org/features.html 8 | - Find solutions or ask questions on Github issues:https://github.com/Gobysec/Goby/issues 9 | 10 | 1. Please try to search for your problem, as it may have been resolved. If you find that an old and closed issue is still in the latest version, you should initiate a new issue instead of commenting on the old issue. 11 | 2. If there is a version update, please try to update to the latest version first to see if it can solve the problem. 12 | 13 | ## Error feedback 14 | 15 | 1. Provide the Goby version and system type currently in use. 16 | 2. Provide necessary operating environment information, error messages, and expected results. 17 | 3. Provide necessary screenshots or code and other details. 18 | 4. Encourage the use of tags 19 | 20 | ## Suggestion 21 | 22 | 1. Provide the Goby version and system type currently in use. 23 | 2. Provide scenarios for applications. 24 | 3. Provide solutions that have been considered. 25 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Welcome to Goby 2 | **Goby** is a new generation network security assessment tool. It can efficiently and practically scan vulnerabilities while sorting out the most complete attack surface information for a target enterprise. Goby can also quickly penetrate the company intranet based on a company's vulnerabilities exposed to the Internet. We strive for Goby to become a more vital tool that can benchmark against hackers' actual attack methods and help companies effectively understand and respond to cyber-attacks. 3 | 4 | [Goby Official URL](https://gobies.org/) 5 | 6 | ### 0x001 Demo 7 | [![5s8l2F.gif](https://z3.ax1x.com/2021/10/21/5s8l2F.gif)](https://imgtu.com/i/5s8l2F) 8 | ### 0x002 Download and install 9 | [Goby download link](https://gobies.org/) 10 | [Goby FAQ](https://gobies.org/faq.html) 11 | 12 | Goby currently uses Golang development, uses `Electron` and `VUE` as the front-end framework, supports windows, MacOS, and Linux without installation. Goby is based on network scanning, therefore permission is required to identify the NIC before using it.The installation methods of different platforms are as follows: 13 | 14 | 1. Windows 15 | Download the [`Npcap`](https://nmap.org/npcap/dist/npcap-0.9995.exe) and install it. 16 | 2. MacOS 17 | Run the following command: 18 | 19 | ``` 20 | 1. cd /dev 21 | 2. sudo chown $USER:admin bp* 22 | ``` 23 | For more information, see [Goby WiKi](https://github.com/gobysec/Goby/wiki) 24 | 25 | ### 0x003 Preset field description 26 | 27 | **1. Rule bases** 28 | Goby has built in more than 100,000 rule recognition engines. The coverage of hardware types includes `Network devices`, `IoT devices`, `Network Security products`, `office devices`, etc. The coverage of software types includes: `CRM`,`CMS`,`EMAIL`,`OA system`, etc. 29 | 30 | **2. Protocol** 31 | Goby has built in more than 200 protocol recognition engines, including: `Network protocols`, `Database protocols`, `IoT protocols` , `ICS protocols`, etc. 32 | 33 | **3. Port** 34 | In addition to common ports, Goby also groups ports based on security practices, including: `Enterprises`, `Cafes`, `Hotels`, `Airports`, `Databases`, `IoT`, `SCADA`, `ICS` and `Back door detection`. 35 | 36 | **4. Common vulnerabilities and weak passwords** 37 | Goby covers common critical vulnerabilities such as `Weblogic` and `Tomcat`, as well as preset account information of more than 1,000 devices. 38 | 39 | - [CVE-2020-2551](https://github.com/gobysec/GobyVuls/blob/master/WebLogic/CVE-2020-2555) 40 | - [CVE-2020-2555](https://github.com/gobysec/GobyVuls/blob/master/WebLogic/CVE-2020-2555) 41 | - CVE-2020-1938 42 | - CVE-2020-10189 43 | - CVE-2020-11651 44 | - CVE-2020-11710 45 | - [CVE-2020-7961](https://github.com/gobysec/GobyVuls/blob/master/LiferayPortal/CVE-2020-7961) 46 | - CVE-2020-12116 47 | - CVE-2019-10758 48 | - CVE-2019-3799 49 | - [CVE-2019-19781](https://github.com/gobysec/GobyVuls/blob/master/Citrix/CVE-2019-19781) 50 | - CVE-2019-3948 51 | - [CVE-2018-1000861](https://github.com/gobysec/GobyVuls/tree/master/Jenkins/CVE-2018-1000861) 52 | - [CVE-2018-7600](https://github.com/gobysec/GobyVuls/tree/master/Drupal/CVE-2018-7600) 53 | - CVE-2018-1297 54 | - CVE-2018-13379 55 | - [CVE-2017-5638](https://github.com/gobysec/GobyVuls/tree/master/Struts2/S2-046(CVE-2017-5638)) 56 | - CVE-2017-5878 57 | - CVE-2017-17215 58 | - [CVE-2017-1000353](https://github.com/gobysec/GobyVuls/blob/master/Jenkins/CVE-2017-1000353) 59 | - CVE-2016-4437 60 | - [CVE-2016-3088](https://github.com/gobysec/GobyVuls/tree/master/ActiveMQ/CVE-2016-3088) 61 | - [CVE-2013-2251](https://github.com/gobysec/GobyVuls/tree/master/Struts2/S2-016(CVE-2013-2251)) 62 | - CVE-2011-3556 63 | - [ThinkPHP2.1_RCE](https://github.com/gobysec/GobyVuls/tree/master/ThinkPHP/ThinkPHP2.1_RCE) 64 | - [ThinkPHP5_RCE](https://github.com/gobysec/GobyVuls/tree/master/ThinkPHP/ThinkPHP5_RCE) 65 | - Constantly updating...… 66 | 67 | ### 0x004 FAQ 68 | 69 | For more information about Goby FAQ, please visit [here](https://gobies.org/faq.html) 70 | 71 | ### 0x005 Goby community 72 | 73 | - Contribute POC 74 | 75 | - First need to read [Goscanner_POC/EXP _Writing_Manual](https://github.com/gobysec/Goby/wiki/Vulnerability-writing-guide(%E6%BC%8F%E6%B4%9E%E7%BC%96%E5%86%99%E6%8C%87%E5%8D%97)) 76 | - Then read [Custom PoC Query Rule](https://github.com/gobysec/Goby/wiki/Query-Rule(Goby-Query-%E7%BC%96%E5%86%99%E6%8C%87%E5%8D%97)) 77 | 78 | Please read [here](https://github.com/gobysec/Goby/blob/master/Feedback.md) first if you submit an error or demand suggestion. 79 | 80 | If you have a functional type of issue, you can raise an issue on GitHub or in the discussion group below: 81 | 82 | 1. GitHub issue: https://github.com/gobysec/Goby/issues 83 | 2. WeChat Group: First add my personal WeChat: **gobyteam**, I will add everyone to the official WeChat group of Goby. 84 | 85 | -------------------------------------------------------------------------------- /img/1.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/1.gif -------------------------------------------------------------------------------- /img/bannerTop.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/bannerTop.png -------------------------------------------------------------------------------- /img/delete.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/delete.png -------------------------------------------------------------------------------- /img/develop.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/develop.gif -------------------------------------------------------------------------------- /img/ex-es.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/ex-es.gif -------------------------------------------------------------------------------- /img/ex-export.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/ex-export.gif -------------------------------------------------------------------------------- /img/ex-fofa.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/ex-fofa.gif -------------------------------------------------------------------------------- /img/ex-http.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/ex-http.gif -------------------------------------------------------------------------------- /img/ex-msf.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/ex-msf.gif -------------------------------------------------------------------------------- /img/fofa-html.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/fofa-html.png -------------------------------------------------------------------------------- /img/hello.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/hello.gif -------------------------------------------------------------------------------- /img/helloMod.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/helloMod.gif -------------------------------------------------------------------------------- /img/init.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/init.gif -------------------------------------------------------------------------------- /img/ip-detail.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/ip-detail.jpg -------------------------------------------------------------------------------- /img/m1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/m1.png -------------------------------------------------------------------------------- /img/m2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/m2.png -------------------------------------------------------------------------------- /img/moreOptions.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/moreOptions.png -------------------------------------------------------------------------------- /img/moreOptions1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/moreOptions1.png -------------------------------------------------------------------------------- /img/moreOptions2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/moreOptions2.png -------------------------------------------------------------------------------- /img/publish.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/publish.gif -------------------------------------------------------------------------------- /img/register.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/register.png -------------------------------------------------------------------------------- /img/scan-dia.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/scan-dia.jpg -------------------------------------------------------------------------------- /img/scanDia.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/scanDia.png -------------------------------------------------------------------------------- /img/setting.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/setting.png -------------------------------------------------------------------------------- /img/shell_manager_demo.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/shell_manager_demo.gif -------------------------------------------------------------------------------- /img/unzip.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/unzip.gif -------------------------------------------------------------------------------- /img/vulList.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/vulList.png -------------------------------------------------------------------------------- /img/vulList1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/vulList1.png -------------------------------------------------------------------------------- /img/vulList2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/vulList2.png -------------------------------------------------------------------------------- /img/vulList3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/vulList3.png -------------------------------------------------------------------------------- /img/zip.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gobysec/Goby/bd5760c073c715b13caefcceb71dd6972f2cadf1/img/zip.gif --------------------------------------------------------------------------------