Become an AceSign inSign up
AmyangXYZ/ AssassinGo
Go HTML Shell CSS
View on GitHub
Need help with AssassinGo?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

AmyangXYZ
527 Stars 89 Forks MIT License 166 Commits 2 Opened issues

Description

An extensible and concurrency pentest framework in Go, also with WebGUI. Feel free to CONTRIBUTE!

Services available

!
?

Need anything else?

Contributors list

Amyang AmyangXYZ
# 185,096
Go
HTML
Shell
 158 commits
Alexandre ZANNI noraj
# 2,730
cms-fra...
exploit...
kali-li...
Markdow...
 3 commits

Rawsec's CyberSecurity Inventory MIT License

AssassinGo

AssassinGo is an extensible and concurrency information gathering and vulnerability scanning framework, with WebSocket based Web GUI.

Just for learn, welcome PR.

Features

  • [x] Retrieve Security Headers
  • [x] Bypass CloudFlare
  • [x] Detect CMS Version
  • [x] Honeypot Detect
  • [x] Port Scan
  • [x] Trace Route and Mark on Google Map
  • [x] Subdomain Scan
  • [x] Dir Scan and Site Map
  • [x] Whois Lookup
  • [x] Crawl the Paramed URLs
  • [x] Basic SQLi Check
  • [x] Basic XSS Check
  • [x] Intruder
  • [x] SSH Bruter
  • [x] Google-Hacking with Headless-Chrome
  • [x] Friendly PoC Interface
  • [x] Web GUI(using WebSocket)
  • [ ] Generate Report

Installation

localhost

git clone https://github.com/AmyangXYZ/AssassinGo
cd AssassinGo
docker-compose up --build -d
cat backup.sql | docker exec -i assassingo_mariadb_1 /usr/bin/mysql -uag --password=password ag

Then visit http://127.0.0.1:8000 and login as admin:admin

VPS

If you want to deploy on your VPS, please clone the Frontend and modify the 

base_url
of AJAX and WebSocket, then run 
npm run build
and copy the output to 
web/
directory as deploy.sh says.

Remember to add your google-map key in 

index.html
.

Demo

base

traceroute

subdomain

intruder

seek

poc

Outline Design

I choose Composite Pattern to increase expansibility.

design-pattern

API

AJAX

Path

 Method Func Params Return
/token POST sign in username=admin&password=adminn {SGToken:"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1M…W4ifQ.qY-k5f54CrQ6dNdjgQgqjh5xS8iFZOjTLcfMfirY0w" (stored in cookie)}
/api/target POST set a target target=xxx OR targets=t1,t2... nil
/api/info/basic GET get ip and retrieve security headers nil {data:{"ip": "192.168.1.1", "webserver": "nginx","clickjackingprotection":true,"contentsecuritypolicy":false,"stricttransportsecurity":false,"xcontenttypeoptions":true}
/api/info/bypasscf GET find real ip behind cloudflare nil {"realip":"123.123.123.123"}
/api/info/cms GET detect cms nil {data:{"cms": "wordpress"}}
/api/info/honeypot GET get ip and webserver nil {data:{"score": "0.3"}}
/api/info/whois GET whois nil {data:{"domain":"example.com","registrarname":"alibaba", "adminname":"xiaoming", "adminemail":"[email protected]", "adminphone":"+86.12312345678", "createddate":"2016-07-28T12:57:53.0Z","expirationdate":"2018-07-28T12:57:53.0Z", "ns":"dns9.hichina.com", "state":"clienttransferprohibited"}}
/api/poc GET get poc list nil {data:{"poc_list":["drupal-rce":{"id":"CVE-2017-7602","ty## pe":"remote code execution","text":"biubiubiu","platform## ":"php","data":"2018-04-25",## "reference":"https://cve.mitre.org/cgi-## bin/cvename.cgi?name=CVE-2018-7602"},"seacms-v654-rce"]## }}
/api/poc/:poc GET run the specified poc nil {data:{"host": "example.com", "exploitable":"true"}}

WebSocket

Path

 Func Params Return
/ws/info/port port scan nil {"port": "80", "service": "http"}
/ws/info/tracert trace route and mark on google map nil {"ttl": 1, "addr": 192.168.1.1, "elapsedtime": 22720440, "country": China, "lat": 34.2583,"long": 116.1614}
/ws/info/subdomain enmu subdomain nil {"subdomain":"earth.google.com"}
/ws/info/dirb brute force dir {"concurrency":20, "dict":"php"}; {"stop":1} {"path": "admin.php", "respstatus": 200, "resplen": 110}
/ws/attack/crawl crawl paramed urls {"maxdepth": 4} {"url": "example.com/?id=1"}
/ws/attack/sqli check sqli nil {"sqliurl": "example.com/?id=1}
/ws/attack/xss check xss nil {"xssurl": "example.com/?id=1}
/ws/attack/intrude brute force {"header": "GET / HTTP/1.1 ...", "payload": "p1,p2...", "concurrency": "10"}; {"stop":1} {"payload": 1, "respstatus": 200, "resplen": 110}
/ws/attack/ssh brute force ssh {"port":"22",, "concurrency":40} {"user":"root","passwd":"biubiubiu"}
/ws/seek seek targets {"query": "biu", "se": "bing/google", "maxpage": 10} {"urls": urls}
/ws/poc/:poc run poc {concurrency:10} {"exploitablehost": "example.com"}

License

MIT

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.