  • Stars: 302
  • Rank 138,030 (Top 3 %)
  • Language: Python
  • Created over 2 years ago
  • Updated 6 months ago


Repository Details

Web Security Scanner

Gsec

Web Security Scanner & Exploitation.

Based on custom vulnerability scanners & Nuclei



Features

  • Passive Scan

    • Find assets with shodan
    • RapidDNS to get subdomains
    • Certsh to enumerate subdomains
    • DNS enumeration
    • Waybackurls to fetch old links
    • Find domains belonging to your target
  • Normal / Aggressive Scan

    • Domain http code
    • Web port scanning
    • Server information
    • HTTP security header scanner
    • CMS security identifier / misconfiguration scanner
    • Technology scanner
    • Programming Language check
    • Path Traversal scan
    • Web Crawler
    • OS detection
    • Nuclei vulnerability scanning
    • SSRF, XSS, Host header injection and CORS misconfiguration scanners

Installation

Make sure you have Go installed; without it you won't be able to install nuclei.

git clone https://github.com/gotr00t0day/Gsec.git

cd Gsec

pip3 install -r requirements.txt

# Make sure that nuclei-templates is cloned into your home directory; Gsec fetches the templates from ~/nuclei-templates
python3 install.py

Keys

The passive recon script supports scanning with Shodan. Gsec reads the Shodan API key from the core directory, so save your key in core/.shodan for the scan to work.

Output

Outputs that are too large to display are saved to a file in the output directory.

Usage

# normal (passive and aggressive scans)

python3 gsec.py -t https://domain.com

# Passive Recon

python3 gsec.py -t https://domain.com --passive_recon

# Ultimate Scan (Scan for High and Severe CVEs and Vulnerabilities with nuclei)

python3 gsec.py --ultimatescan https://target.com

Anonymity

ProxyChains

You can use ProxyChains with Tor for anonymity.

proxychains -q python3 gsec.py -t https://target.com

Keywords

If Gsec reports a vulnerability and the output contains the POSSIBLE! keyword, the finding could be a false positive; test it manually to confirm that the target is actually vulnerable.

Coming Soon...

I'm working on adding proxy support for Gsec; it will be added in future releases.

Issues

In Python 3.10+ you might get an SSL error while running Gsec. To fix this, run pip3 install certifi and then run /Applications/Python\ 3.10/Install\ Certificates.command (the certificate script that ships with the macOS Python installer).

More Repositories

  1. spyhunt (Python, 470 stars): recon for bug hunters
  2. forbiddenpass (Python, 148 stars)
  3. valhalla (Python, 37 stars): Valhalla finds vulnerable devices on Shodan; it can also scan a list of domains to find vulnerabilities.
  4. IGF (Python, 20 stars): Information Gathering Framework
  5. DeepWeb (Python, 15 stars): DeepWeb is a tool that extracts links from a webpage and does a deep analysis on every link.
  6. wpdisect (Python, 12 stars): WpDisect is a WordPress hacking tool that finds vulnerabilities in WordPress.
  7. CVE-2024-4577 (Python, 10 stars): Argument injection vulnerability in PHP
  8. vulnparams (Python, 9 stars): crawl a website for links and expose all the vulnerable parameters.
  9. CVE-2024-4040 (Python, 9 stars): A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.
  10. subdomainbrute (Python, 6 stars): a subdomain brute forcer
  11. VulnBanner (Python, 6 stars): Checks the banner of system services and compares it to a vulnerable banner list.
  12. PathTraversal (Python, 6 stars)
  13. gotasn (Python, 6 stars): Extract the IP range associated with a given ASN (Autonomous System Number) and subsequently utilize the Masscan tool to identify open HTTP ports within that range.
  14. gotr00t0day (6 stars)
  15. SSHbrute (Python, 6 stars): brute force ssh login passwords.
  16. rmap (Python, 5 stars): Automated enumeration for red teamers
  17. subrecon (Python, 4 stars): scans for subdomains and probes the domains.
  18. b1n4ryR3v3rs3 (Shell, 4 stars)
  19. gotr00tbot (Python, 4 stars): discord.py bot
  20. GdorkSearch (Python, 3 stars)
  21. FindExploits (Python, 3 stars): FindExploits is an automation script that uses windows exploit suggester in conjunction with searchsploit to find local priv escalation exploits.
  22. Domainator (Python, 3 stars): Domainator is a tool that will find new assets for any organization.
  23. spider00t (Python, 3 stars): Extract links, files and parameters from a page.
  24. secheaders (Python, 3 stars)
  25. ipgeolocation (Python, 3 stars)
  26. xprobe (Python, 2 stars): A fast HTTP multi tool for recon.
  27. localipbug (Python, 2 stars): In some cases the Microsoft HTTP Server API leaks internal IP addresses while sending a GET / HTTP/1.0 request to the server.
  28. Ivanti_PoC (Python, 2 stars): Authentication bypass in Ivanti Endpoint Manager Mobile
  29. HostHeaderInjection (Python, 2 stars)
  30. CVE-2022-1388 (Python, 2 stars): A remote code execution vulnerability exists in the iControl REST API feature of F5's BIG-IP product. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands with root privileges.
  31. CVE-2024-28995 (Python, 1 star): SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
  32. NextGen-Mirth-Connect-Exploit (Python, 1 star): A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application.
  33. gotr00t0day.github.io (HTML, 1 star)
  34. DirbHunt (Python, 1 star): A fast and simple directory brute forcer