ZH | EN

Scan for sensitive information easily and effectively.

The project is based on Go and Vue to build a management system for sensitive information detection. For the full introduction, please refer to articles and videos.

• Support multi platforms, including Gitlab, Github, Searchcode
• Flexible menu and API permission setting
• Flexible rules and filter rules
• Utilize gobuster to brute force subdomain
• Easily used management system

It's suggested to deploy the frontend project by nginx. Place the dist folder under /var/www/html, modify the nginx.conf to reverse proxy the backend service. For the detailed deployment videos, refer to bilibili or youtube. For the deployment in windows, refer to here.

location /api/ {
proxy_set_header Host $http_host;
proxy_set_header  X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
rewrite ^/api/(.*)$ /$1 break;
proxy_pass http://127.0.0.1:8888;
}

The deployment work is very easy. Find the corresponding version zip file from releases. Unzip and copy the files inside dist to /var/www/html folder of nginx. Start the nginx and the frontend is deploy successfully.

./gshark web

./gshark scan

git clone https://github.com/madneal/gshark.git

cd server

go mod tidy

mv config-temp.yaml config.yaml

go build

./gshark web

If you want to set up the scan service, please run:

./gshark scan

cd ../web

npm install

npm run serve

USAGE:
   gshark [global options] command [command options] [arguments...]

COMMANDS:
     web      Startup a web Service
     scan     Start to scan github leak info
     help, h  Show a list of commands or help for one command

GLOBAL OPTIONS:
   --debug, -d             Debug Mode
   --host value, -H value  web listen address (default: "0.0.0.0")
   --port value, -p value  web listen port (default: 8000)
   --time value, -t value  scan interval(second) (default: 900)
   --help, -h              show help
   --version, -v           print the version

To execute ./gshark scan, you need to add a Github token for crawl information in github. You can generate a token in tokens. Most access scopes are enough. For Gitlab search, remember to add token too.

1. Default username and password to login

gshark/gshark

2. Database initial failed

make sure the version of mysql is over 5.6. And remove the databse before initial the second time.

3. go get ./... connection error

It's suggested to enable goproxy(refer this article for golang upgrade):

go env -w GOPROXY=https://goproxy.cn,direct
go env -w GO111MODULE=on

4. When deployed the web to nginx, the page was empty

try to clear the LocalStorage

• gin-vue-admin

If you would like to join wechat group, you can add my wechat mmadneal with the message gshark.

Apache License 2.0

GShark 是 404Team 星链计划2.0中的一环，如果对 GShark 有任何疑问又或是想要找小伙伴交流，可以参考星链计划的加群方式。

• https://github.com/knownsec/404StarLink2.0-Galaxy#community