Giter Site home page Giter Site logo

1in9e / gosint Goto Github PK

View Code? Open in Web Editor NEW
408.0 10.0 85.0 275.05 MB

Gosint is a distributed asset information collection and vulnerability scanning platform

Dockerfile 0.01% Python 0.58% Shell 0.01% HTML 0.23% JavaScript 97.80% CSS 1.27% Less 0.11%
osint information-security information-gathering bugbounty security-tools

gosint's Issues

Client端一直在Docker容器里面重启,顺便发现一个Bug

拿一个举例子,源代码如下:

if $subfinder; then
	cd /app/subdomain_scan/subfinder
	nohup celery -A subfinder worker -l info -c 1 -Q subfinder -n subfinder_$RANDOM --logfile=/app/logs/subfinder_celery.log >/dev/null 2>&1 &
fi

然而subfinder_$RANDOM是随机生成的,如果有大量的扫描任务后,会不会生成重复的随机数,导致覆盖原来的数据,尝试修改如下:

if $subfinder; then
    task_name="subfinder_{date+$(date '+%Y.%m.%d')}_$RANDOM"
    nohup celery -A subfinder worker -l info -c 1 -Q subfinder -n $task_name --logfile=/app/logs/subfinder_celery.log > /dev/null 2>&1 &
    if [$? -eq 0]; then
    echo "subfinder 任务成功启动!"
    fi
fi

gosint_client 一直在重启

gosint_client 一直在重启可能是什么原因,还有,日志和celery监控都打不开,哪里可以看到输出的日志?

扫描无结果

新建任务后,[漏洞任务]仅文件指纹有结果,
版本是:1.0.2,
配置如下(更换了xray的lic):

截屏2022-01-26 上午11 06 21
截屏2022-01-26 上午11 09 28
截屏2022-01-26 上午11 07 43

500报错

使用下列命令一键安装
cd gosint/
docker-compose up -d --build
登录--扫描管理--增加扫描任务--save(保存)后报错500
image

需求建议

考虑加入网络空间测绘、比如fofa、hunter、qunake等等之类经过去重整理的模块吗

扫描即结束

不管扫描引擎配置是怎么样,在保存后,扫描状态瞬间变为扫描完成

docker

在docker部署过程中,因为豆瓣的pip镜像源我这边可能连接有问题,我在Dockerfile文件内容修改了 -i https://pypi.tuna.tsinghua.edu.cn/simple (清华的);但是再使用docker-compose up --build -d 部署时候还是发现使用了豆瓣的镜像源
企业微信截图_16569231965917

登录界面

在 docker-compose up -d --build 之后,直接访问 8001 端口一直显示 502?在哪跳转呢。

单一服务器部署失败

单一服务器部署
生产环境搭建,采取docker化部署的方案

服务器需安装docker / docker-compose, 请自行安装

cd gosint/
docker-compose up -d --build

Step 7/17 : ADD thirdparty/requirements.txt /app
ADD failed: file not found in build context or excluded by .dockerignore: stat thirdparty/requirements.txt: file does not exist
ERROR: Service 'web' failed to build : Build failed

bug反馈

子域名扫描任务,调用subfinder扫描结束后,资产管理里面也确实出现扫描到的子域名,但无解析记录,同时端口扫描任务也无法继续下去
image
image

Celery监控还是无法正常打开

之前显示是连接不上127.0.0.1,然后按照最新的说明改成了vps的ip地址,但是弹出了登录框,输入任何密码都不正确
image

docker启动 一直显示扫描

经过查看后发现是docker内 xray ksubdomain 等软件没有权限
chmod u+x xx增加权限后
发现ksubdomain 依旧无法扫描 无法读取网卡

readme中优化

readme中修改账户密码的地方应该再清楚点,比如给个注释 示例,大多数人会选择先修改账户密码 再去起起来。

提问

作者不再继续更新了吗 ,很期待

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.