| Follow @lancinimarco

Reading time ~1 minute

GoScan v2

A couple of months ago I released GoScan, which started more as a side-project useful for me to learn @golang.

The original idea was to port in Go a collection of python scripts I created years ago while taking OSCP, and then rarely used afterwards due to their “hacky” nature (hey, in OSCP time is everything, and you don’t really care about being stealthy, or “polite” against your targets).

I now wanted something more stable that I could use even during professional pentests, so I spent some time refactoring and refining the codebase.

Introducing GoScan V2

GoScan is an interactive network scanner client, featuring auto-completion, which provides abstraction and automation over nmap.

Although it started as a small side-project, GoScan can now be used to perform host discovery, port scanning, and service enumeration not only in situations where being stealthy is not a priority and time is limited (think at CTFs, OSCP, exams, etc.), but also (with a few tweaks in its configuration) during professional engagements.

GoScan is also particularly suited for unstable environments (think unreliable network connectivity, lack of “screen”, etc.), given that it fires scans and maintain their state in an SQLite database. Scans runs in the background (detached from the main thread), so even if connection to the box running GoScan is lost, results can be uploaded asynchronously. That is, data can be imported into GoScan at different stages of the process, without the need to restart the entire process from scratch if something goes wrong.

In addition, the Service Enumeration phase integrates a collection of other tools (e.g., EyeWitness, Hydra, nikto, etc.), each one tailored to target a specific service.


Installation and detailed usage instructions can be found on Github.

Changelog for V2

  • Complete refactoring of the core, new syntax, new commands
  • Multi-step processing: detached processes for unstable environments, state saved in SQLite
  • Port scan: new TCP and UDP PROD scans
  • Improved enumeration
  • Dry-runs for enumeration
  • EyeWitness integration (for HTTP, RDP, VNC)
  • Improved documentation
  • Historical Tracking

GoScan can be found on Github: https://github.com/marco-lancini/goscan.

Marco Lancini

Marco Lancini
Hi, I'm Marco Lancini. I'm a Security Engineer, mainly interested in cloud native technologies, devops, and network security...