A Large killer focused on intranet scanning

Related tags

Security FscanX
Overview

FscanX

其实FscanX的灵感来源于fscan和LodanGo这两个开源项目,首先不得不说fscan和LadonGo两个都是非常优秀的内网扫描器。并且其独自的特色也让其在内网扫描器领域独占鳌头。其中LadonGo的插件式让其在扫描时更加专注,而fscan的傻瓜式则让其对内网的信息搜集更加高效。 但是对于一个懒蛋的我,我选择两者都要(毕竟小孩子才做选择),所以我将其Fscan进行了完全改造,在结合了LadonGo的单插件扫描的同时,保留了Fscan对于Web的漏洞和内网服务的脆弱检测,使其即像LadonGo的同时,也更加流氓。


目前实现的功能如下 (Example):
1.CVE-2020-0796 smbghost 插件扫描,支持整个C段式扫描

    FscanX.exe smbghost --thread 60 --noping 192.168.1.1/24

img.png
2. MS-17010 Eternal blue 扫描

    FscanX.exe ms17010 192.168.1.1/24


3. ICMP / ping 存活主机探测

    FscanX.exe hostscan --noping --thread 60 192.168.1.1/24

img.png
4. TCP 端口扫描(支持脆弱端口的漏洞检测)

    FscanX.exe portscan --thread 60 --fragile --noping 192.168.1.1/24

img.png
5. Web 服务检测

    FscanX.exe webscan --thread 60 --fragile --noping 192.168.1.1/24

img.png
6.oxid 网卡信息发现

    FscanX.exe oxidscan 192.168.1.1/24

img.png
上述为一些使用例子,详细可使用-h或--help查看帮助
最后:
感谢:https://github.com/shadow1ng/fscan
感谢:https://github.com/k8gege/LadonGo

Releases(2.0)
Owner
SaiRson
SaiRson
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments, build and deploy repeatable infrastructure focussed on

pry0cc 2.7k Jun 24, 2022
EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptograp

American Express 492 Jun 16, 2022
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.

Fast and customisable vulnerability scanner based on simple YAML based DSL. How • Install • For Security Engineers • For Developers • Documentation •

ProjectDiscovery 8.7k Jun 26, 2022
A fully self-contained Nmap like parallel port scanning module in pure Golang that supports SYN-ACK (Silent Scans)

gomap What is gomap? Gomap is a fully self-contained nmap like module for Golang. Unlike other projects which provide nmap C bindings or rely on other

jtimperio 68 Jun 27, 2022
🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

Finder Of XSS, and Dal(달) is the Korean pronunciation of moon. What is DalFox ?? ?? DalFox is a fast, powerful parameter analysis and XSS scanner, bas

HAHWUL 1.8k Jun 20, 2022
WIP. Converts Azure Container Scan Action output to SARIF, for an easier integration with GitHub Code Scanning

container-scan-to-sarif container-scan-to-sarif converts Azure Container Scan Action output to Static Analysis Results Interchange Format (SARIF), for

Armel Soro 2 Jan 25, 2022
ARP spoofing tool based on go language, supports LAN host scanning, ARP poisoning, man-in-the-middle attack, sensitive information sniffing, HTTP packet sniffing

[ARP Spoofing] [Usage] Commands: clear clear the screen cut 通过ARP欺骗切断局域网内某台主机的网络 exit exit the program help display help hosts 主机管理功能 loot 查看嗅探到的敏感信息

Re 41 Jun 14, 2022
Wrapper to communicate with the wifi scanning protocol on Brother MFC-J430W

Brother MFC-J430W protocol wrapper (wifi scanner) Reasons Brother MFC-J430W has already scanner driver and you can download here but that are prebuilt

Andrea Maugeri 2 Apr 24, 2022
A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.

PewSWITCH A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157. Related blog: https://0xinfection.github.io/p

Pinaki 23 Jun 23, 2022
Naabu - a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner

Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple tool that does fast SYN/CONNECT scans on the host/list of hosts and lists all ports that return a reply.

null 0 Jan 2, 2022
Go-basic-port-scanner: Scanning of TCP ports only

go-basic-port-scanner Scanning of TCP ports only. Usage git clone https://git

BenKF 1 Jan 22, 2022
null 0 Feb 2, 2022
Portmantool - Port scanning and monitoring tool

portmantool Port scanning and monitoring tool Components runner while true do r

Thomann Bits & Beats 0 Feb 14, 2022
🧨 Interactive Process Killer CLI made with Go!

proc-manager is an interactive CLI to kill processes made with Go, currently supports Linux, Mac OS X, Solaris, and Windows.

Aykut 16 Apr 23, 2022
Gryffin is a large scale web security scanning platform.

Gryffin (beta) Gryffin is a large scale web security scanning platform. It is not yet another scanner. It was written to solve two specific problems w

Yahoo 2.1k Jun 29, 2022
Super simple tcp intranet penetration proxy program

A super easy to configure tcp intranet penetration proxy program that forwards intranet tcp ports to public network servers. Tested proxies for intranet HTTP services, windows remote desktop, ssh access and other scenarios.

null 13 Jun 6, 2022
An experimental port of TinyRb to Google go, both as a means of learning go and exploring alternate approaches to implementing Ruby. Work is currently focused on the GoLightly VM.

tinyrb¶ ↑ A tiny subset of Ruby with a Lua'esc VM. Everything in TinyRb should run in the big Ruby. (except bugs and things that don't comply to the p

Eleanor McHugh 72 Feb 27, 2022
A GNU/Linux monitoring and profiling tool focused on single processes.

Uroboros is a GNU/Linux monitoring tool focused on single processes. While utilities like top, ps and htop provide great overall details, they often l

Simone Margaritelli 648 Jun 13, 2022
A tiny Nano wallet, focused on ease of use through simplicity

atto is a tiny Nano wallet, which focuses on ease of use through simplicity. Disclaimer: I am no cryptographer and atto has not been audited. I cannot

Richard Ulmer 33 Jun 11, 2022
scrapligo -- is a Go library focused on connecting to devices, specifically network devices (routers/switches/firewalls/etc.) via SSH and NETCONF.

scrapligo -- scrap(e c)li (but in go!) -- is a Go library focused on connecting to devices, specifically network devices (routers/switches/firewalls/etc.) via SSH and NETCONF.

null 132 Jun 15, 2022
Netpoll is a high-performance non-blocking I/O networking framework, which focused on RPC scenarios, developed by ByteDance.

Netpoll is a high-performance non-blocking I/O networking framework, which focused on RPC scenarios, developed by ByteDance. RPC is usually heavy on processing logic and therefore cannot handle I/O serially. But Go's standard library net designed blocking I/O API, so that the RPC framework can only follow the One Conn One Goroutine design.

CloudWeGo 2.8k Jun 25, 2022
Golang application focused on tests

Maceio Golang application that listens for webhook events coming from Github, runs tests previously defined in a configuration file and returns the ou

Leonardo Damasceno 5 Sep 8, 2021
gosq is a parsing engine for a simplicity-focused, template-based SQL query builder for Go.

gosq is a parsing engine for a simplicity-focused, template-based SQL query builder for Go.

Sang-gon Lee 49 Apr 26, 2022
Analytics box a simple and privacy focused analytics tool written in go like google analytics

Analytics box is analytics tool like google analytics but instead of ripping user's privacy off them like google it respects their privacy and doesn't collect any unnecessary information.

Ketan Iralepatil 2 Sep 20, 2021
A simple and privacy focused analytics tool written in go.

Analytics Box Hello guys, this is privacy friendly analytics tool, Analytics Box for web written in go. It ensures user privacy but at the same time a

Ketan Iralepatil 26 Apr 13, 2022
A twitch focused command line tool for producing, archiving and managing live stream content. Built for Linux.

twinx is a live-streaming command line tool for Linux. It connects streaming services (like Twitch, OBS and YouTube) together via a common title and description.

Kris Nóva 23 May 27, 2022