Goby is a new generation network security assessment tool. It can efficiently and practically scan vulnerabilities while sorting out the most complete attack surface information for a target enterprise. Goby can also quickly penetrate the company intranet based on a company's vulnerabilities exposed to the Internet. We strive for Goby to become a more vital tool that can benchmark against hackers' actual attack methods and help companies effectively understand and respond to cyber-attacks.
Goby currently uses Golang development, uses
Electron
and
VUE
as the front-end framework, supports windows, MacOS, and Linux without installation. Goby is based on network scanning, therefore permission is required to identify the NIC before using it.The installation methods of different platforms are as follows:
Npcap
and install it.
1. cd /dev
2. sudo chown $USER:admin bp*
For more information, see Goby WiKi
1. Rule bases
Goby has built in more than 100,000 rule recognition engines. The coverage of hardware types includes Network devices, IoT devices, Network Security products, office devices, etc. The coverage of software types includes: CRM,CMS,EMAIL,OA system, etc.
2. Protocol
Goby has built in more than 200 protocol recognition engines, including: Network protocols, Database protocols, IoT protocols , ICS protocols, etc.
3. Port
In addition to common ports, Goby also groups ports based on security practices, including: Enterprises, Cafes, Hotels, Airports, Databases, IoT, SCADA, ICS and Back door detection.
4. Common vulnerabilities and weak passwords
Goby covers common critical vulnerabilities such as Weblogic and Tomcat, as well as preset account information of more than 1,000 devices.
CVE-2020-2551
CVE-2020-2555
CVE-2020-1938
CVE-2020-10189
CVE-2020-11651
CVE-2020-11710
CVE-2020-7961
CVE-2020-12116
CVE-2019-10758
CVE-2019-3799
CVE-2019-19781
CVE-2019-3948
CVE-2018-1000861
CVE-2018-7600
CVE-2018-1297
CVE-2018-13379
CVE-2017-5638
CVE-2017-5878
CVE-2017-17215
CVE-2017-1000353
CVE-2016-4437
CVE-2016-3088
CVE-2013-2251
CVE-2011-3556
ThinkPHP2.1_RCE
ThinkPHP5_RCE
Constantly updating...…
For more information about Goby FAQ, please visit here
Contribute POC
First need to read Goscanner_POC/EXP _Writing_Manual
Then read Custom PoC Query Rule
Please read here first if you submit an error or demand suggestion.
If you have a functional type of issue, you can raise an issue on GitHub or in the discussion group below:
GitHub issue: https://github.com/gobysec/Goby/issues
WeChat Group: First add my personal WeChat: gobyteam, I will add everyone to the official WeChat group of Goby.