AssassinGo is an automated Web penetration framework using Golang that integrates high-availability information collection, basic attack vector detection, Google Hacking and PoC custom addition and bulk detection of targets. The front and back end interaction mainly adopts WebSocket technology, which will display the results in the foreground in real time. Moreover, it has strong scalability, and users can add custom functions when realizing the interface of each module.
Project website: https://assassin-go.ink
Making: https://github.com/AmyangXYZ/AssassinGo
function
Information Collection
-
HTTP security header check
-
Server identification
-
CMS Version Identification
-
Honeypot probability detection
-
CloudFlare bypasses and detects Real IP
-
Routing nodes are tracked and visually marked on the googlemap
-
Port scanning
-
Directory blasting and visualization of Sitemap
-
Whois information
-
Subdomain scanning
Precise honeypot probability detection, simultaneous blowup, perfect visual topology, and CloudFlare’s ability to bypass and detect real IP addresses may help users in the real penetration process
Here are some screenshots of the features:
(1) Basic information collection:
(2) Route detection and visual marking on the map:
Basic attack
-
Site crawler
-
SQLi detection
-
Reflective XSS
-
Intruder
-
SSH blasting
Here are some screenshots of the features:
Intruder
Crawlers and XSS detection will also be upgraded to the Headless-Chrome version in the next release
Google-Hacking
The back end calls headless-Chrome to crawl Google or Bing search results, with full Support for Google-hacking syntax and no anti-crawler detection. This can also be said to be a major feature, using its powerful search ability and detailed search syntax and humanized help to achieve powerful targeted information collection and automatic extraction.
Detailed, Google Hacking syntax document will refer to carefully organize the git project team members, below is the address of the project: https://github.com/K0rz3n/GoogleHacking-Page
POC batch accurate detection
The framework can be built with a large selection of the latest POCs and will display detailed information about the POCS. We provide a very convenient interface for users to add POC by themselves. Users can search POC for detection according to the batch or single target searched by the previous function, which is very convenient and fast, and can greatly improve the efficiency of penetration test.
Here is a screenshot of the function:
Web services
The back end is based on SweetyGo
The front end is Vue based.
The front and back end interaction uses WebSocket extensively, so that the scan results are displayed in the foreground immediately.
Design of the profile
The back-end implementation selects the composite mode.
Information collection interface Gatherer, basic attack interface Attacker, and Vulnerability PoC authentication interface are basically the same, which all contain the following three methods:
-
* * Set (… Interface {}) : ** Sets the parameters necessary for this function or PoC, such as destination, port, number of concurrent requests, and so on.
-
**Run() : ** function start entry.
-
**Report() map[string]interface{} : ** Returns the execution result for subsequent Report generation.
The POC interface also needs to implement an additional Info() string method that returns basic information about the vulnerability.
When adding new functionality or updating the PoC, simply write a new.go file and implement the corresponding interface’s methods.
For example, when a NEW PoC of remote code execution vulnerability is published, we can directly create a XX-rce. go file (referring to several poCs already written) to implement the above interface, and after recompiling the whole project (go language compilation time is only a few seconds), we can call the PoC in the foreground to detect the target.
The project schedule
Basic features are developed, a demo version is deployed,
Due to limited server performance, registration is not open. If you want to experience it, please contact me to register manually ([email protected]).
Or build it locally, with the necessary shell scripts and docker-compose already written.
Due to the limited staff of the team, many parts are not perfect, and there are not many POCs. I hope you can understand.
Thank you
We would like to express our heartfelt thanks to all the team members for their hard work during the development of this project.
@amyang@u1in@k0rz3n, we also look forward to your joining us.