The project is based on go with vue to build a management system for sensitive information detection. This is the total fresh version, you can refer the old version here. For the full introduction of the new version, please refer here.
- Support multi platform, including Gitlab, Github, Searchcode
- Flexible menu and API permission setting
- Flexible rules and filter rules
- Utilize gobuster to brute force subdomain
- Easily used management system
For the deployment, it's suggested to install nginx. Place the dist folder under html, modify the nginx.conf to reverse proxy the backend service. I have also made a video for the deployment in bilibili and youtube. For the deploment in windows, refer here.
location /api/ {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
rewrite ^/api/(.*)$ /$1 break;
proxy_pass http://127.0.0.1:8888;
}
The deployment work is very easy. Find the corresponding binary zip file from releases. Unzip and run. Remember to copy the files inside dist to html folder of nginx.
./gshark web
./gshark scan
git clone https://github.com/madneal/gshark.git
cd server
go mod tidy
mv config-temp.yaml config.yaml
go build
./gshark web
If you want to set up the scan service, please run:
./gshark scan
cd ../web
npm install
npm run serve
USAGE:
gshark [global options] command [command options] [arguments...]
COMMANDS:
web Startup a web Service
scan Start to scan github leak info
help, h Show a list of commands or help for one command
GLOBAL OPTIONS:
--debug, -d Debug Mode
--host value, -H value web listen address (default: "0.0.0.0")
--port value, -p value web listen port (default: 8000)
--time value, -t value scan interval(second) (default: 900)
--help, -h show help
--version, -v print the version
To execute ./gshark scan, you need to add a Github token for crawl information in github. You can generate a token in tokens. Most access scopes are enough. For Gitlab search, remember to add token too.
- 2021-11-12 发布文章《GShark:多平台的敏感信息监测工具》