Preface

I haven't updated this column for a long time , Today, let's introduce the tools that are often used ：Goby
Novice security friends may not be familiar with this tool , This is mainly used as a tool to scan assets for vulnerabilities , There are many built-in POC（ Vulnerability verification ） package , After the test, a detailed report will be sent to the user .

Goby download

goby Link to the official website of ：https://gobies.org/

Download the corresponding version according to your own operating system , I am here windows edition , So the download is the first one .

Download and get a compressed package , After unzipping, you can see the following files , open Goby.exe file

Goby Use

In the lower left corner, you can set the language to Chinese .

New scan task

Click on Scan You can create a scan task .

After establishing the scanning task, you can see the scanning information

Asset information ：

Vulnerability information ：

Scan report ：

So the above is what you can get from creating a new scanning task , Next, let's talk about components

Add the component

Adding components is nothing more than to make us better use Goby, such as fofa Components , Can pass fofa To obtain possible vulnerable hosts in the whole network .

and Xray It can be done to Web Scan the page , Give Way Goby More comprehensive scanning of .
Components are a good thing , Cousins can download components and use them through their own needs .

Goby Red team version

Goby To get the red team version, you can see this article ：https://zhuanlan.zhihu.com/p/361351060

Finally, I would like to invite my cousins to do the penetration test , It must be authorized to penetrate , This article is only for learning and communication , If there is any illegal event, it has nothing to do with me .