Categorygithub.com/sha0coder/gohack
modulepackage
0.0.0-20231219144625-5dc18bfb75e6
Repository: https://github.com/sha0coder/gohack.git
Documentation: pkg.go.dev

# README

fauth -> fast basic auth bruteforce pipper -> web get/post bruteforcing smtpEnum -> enumerate smtp accoutns massftpanon -> scan a net for ftp with anonymous access smbrute -> bruteforce SMB accounts sshbrute -> bruteforce SSH logins tcpscan -> portscan based on tcp response useful if the host is routed via tor massh -> from a file with ip's try to connect to each ip with one password via ssh dnsbrute -> enumerate subdomains bruteforcing a nameserver carnivore -> pentest url parameters

soon: exploit-db -> not finished yet, but launch all exploit-db exploits to a site. params -> get/post parameter analysis

==PIPPER==

Examples:

Discover php files, hide 404 responses, 20 concurent goroutines: ./pipper -url 'http://site.com/##.php' -go 20 -dict wordlist.txt -hc 404

Fuzz post parameter, hidding the response of 100 words ./pipper -url 'http://site.com/test.php' -post 'id=##' -dict wordlist.txt -go 20 -hw 100

Output:

code words lines bytes url (404) [30] [76] [1245] http://test.com/0

We need to hide the normal response to see the interesting responses, then -hc 404 or -hw 30 or -hl 76 or -hb 1245

$ ./pipper -url http://test.com/## -dict wordlists.txt -go 10 checking http://test.com/## ... Server: BlockDOS Default response: 200 Allowed Options: OPTIONS, TRACE, GET, HEAD, POST Scanning, press enter to interrupt. (404) [30] [76] [1245] http://test.com/~ (404) [30] [76] [1245] http://test.com/0 (404) [30] [76] [1245] http://test.com/_ (404) [30] [76] [1245] http://test.com/00 (404) [30] [76] [1245] http://test.com/000000 (404) [30] [76] [1245] http://test.com/xarancms_haupt (404) [30] [76] [1245] http://test.com/00000000 (404) [30] [76] [1245] http://test.com/007 (404) [30] [76] [1245] http://test.com/0007 (200) [298] [764] [15174] http://test.com/ (404) [30] [76] [1245] http://test.com/007007 [enter]

For random response bytes, we can use ranges:

-hwl 10 -hwh 20 (hide responses with 10 to 20 words)

Donation: Bitcoin: 3GrtoFKp7UAf2eqTeUnN8eM3V7RS3n25Ae Ether: 0x66DB9aCAEB85A08e34c04B4F290dE840E93dd08A

# Packages

No description provided by the author
No description provided by the author
No description provided by the author

# Functions

No description provided by the author
No description provided by the author

# Variables

No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author

# Structs

No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author

# Type aliases

No description provided by the author
No description provided by the author