  • Stars: 285
  • Rank: 144,275 (Top 3 %)
  • Language: Python
  • Created about 2 years ago
  • Updated 4 months ago

Repository Details

Web Security Scanner

Gsec

Web Security Scanner & Exploitation.

Based on custom vulnerability scanners & Nuclei


Features

  • Passive Scan

    • Find assets with shodan
    • RapidDNS to get subdomains
    • Certsh to enumerate subdomains
    • DNS enumeration
    • Waybackurls to fetch old links
    • Find domains belonging to your target
  • Normal / Aggressive Scan

    • Domain http code
    • Web port scanning
    • Server information
    • HTTP security header scanner
    • CMS security identifier / misconfiguration scanner
    • Technology scanner
    • Programming Language check
    • Path Traversal scan
    • Web Crawler
    • OS detection
    • Nuclei vulnerability scanning
    • SSRF, XSS, Host header injection and CORS misconfiguration scanners

Installation

Make sure you have Go installed; without it you won't be able to install nuclei.

git clone https://github.com/gotr00t0day/Gsec.git

cd Gsec

pip3 install -r requirements.txt

# Make sure that nuclei-templates is cloned into your home directory (~/). Gsec fetches the templates from ~/nuclei-templates
python3 install.py

Keys

Gsec reads the Shodan API key from the core directory. The passive recon script supports scanning with Shodan;
save your Shodan key in core/.shodan for that scan to work.

Output

Outputs that are too large to display are saved to a file in the output directory.

Usage

# normal (passive and aggressive scans)

python3 gsec.py -t https://domain.com

# Passive Recon

python3 gsec.py -t https://domain.com --passive_recon

# Ultimate Scan (Scan for High and Severe CVEs and Vulnerabilities with nuclei)

python3 gsec.py --ultimatescan https://target.com

Anonymity

ProxyChains

You can use ProxyChains with Tor for anonymity.

proxychains -q python3 gsec.py -t https://target.com

Keywords

If Gsec reports a vulnerability and the output contains the POSSIBLE! keyword, the finding could be a false positive. Test it manually to confirm the target is actually vulnerable.

Coming Soon...

I'm working on adding proxy support for Gsec; it will be added in future releases.

Issues

In Python 3.10+ you might get an SSL error while running Gsec. To fix this issue, run pip3 install certifi and then run /Applications/Python\ 3.10/Install\ Certificates.command.

More Repositories

1. spyhunt (Python, 310 stars)
   recon for bug hunters

2. forbiddenpass (Python, 124 stars)

3. valhalla (Python, 23 stars)
   Valhalla finds vulnerable devices on Shodan; it can also scan a list of domains to find vulnerabilities.

4. IGF (Python, 18 stars)
   Information Gathering Framework

5. DeepWeb (Python, 13 stars)
   DeepWeb is a tool that extracts links from a webpage and does a deep analysis on every link.

6. wpdisect (Python, 12 stars)
   WpDisect is a WordPress hacking tool that finds vulnerabilities in WordPress.

7. vulnparams (Python, 8 stars)
   crawl a website for links and expose all the vulnerable parameters.

8. CVE-2024-4040 (Python, 7 stars)
   A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.

9. VulnBanner (Python, 6 stars)
   Checks the banner of system services and compares it to a vulnerable banner list.

10. PathTraversal (Python, 6 stars)

11. rmap (Python, 6 stars)
    Automated enumeration for red teamers

12. gotr00t0day (6 stars)

13. CVE-2024-4577 (Python, 6 stars)
    Argument injection vulnerability in PHP

14. subdomainbrute (Python, 5 stars)
    a subdomain brute forcer

15. gotasn (Python, 5 stars)
    Extract the IP range associated with a given ASN (Autonomous System Number) and subsequently utilize the Masscan tool to identify open HTTP ports within that range.

16. SSHbrute (Python, 5 stars)
    brute force ssh login passwords.

17. subrecon (Python, 4 stars)
    scans for subdomains and probes the domains.

18. gotr00tbot (Python, 4 stars)
    discord.py bot

19. FindExploits (Python, 3 stars)
    FindExploits is an automation script that uses windows exploit suggester in conjunction with searchsploit to find local priv escalation exploits.

20. b1n4ryR3v3rs3 (Shell, 3 stars)

21. Domainator (Python, 3 stars)
    Domainator is a tool that will find new assets for any organization.

22. secheaders (Python, 3 stars)

23. GdorkSearch (Python, 2 stars)

24. xprobe (Python, 2 stars)
    A fast HTTP multi tool for recon.

25. localipbug (Python, 2 stars)
    In some cases the Microsoft HTTP Server API leaks internal IP addresses while sending a GET / HTTP/1.0 request to the server.

26. Ivanti_PoC (Python, 2 stars)
    Authentication bypass in Ivanti Endpoint Manager Mobile

27. HostHeaderInjection (Python, 2 stars)

28. spider00t (Python, 2 stars)
    Extract links, files and parameters from a page.

29. ipgeolocation (Python, 2 stars)

30. NextGen-Mirth-Connect-Exploit (Python, 1 star)
    A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application.

31. CVE-2022-1388 (Python, 1 star)
    A remote code execution vulnerability exists in the iControl REST API feature of F5's BIG-IP product. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands with root privileges.

32. gotr00t0day.github.io (HTML, 1 star)

33. DirbHunt (Python, 1 star)
    A fast and simple directory brute forcer