GoLismero is an open source framework for security testing. It’s currently geared towards web security, but it can easily be expanded to other kinds of scans. It’s currently geared towards web security, but it can easily be expanded to other kinds of scans. It can run their own security tests and manage a lot of well known security tools (OpenVas, Wfuzz, SQLMap, DNS recon, robot analyzer…) take their results, feedback to the rest of tools and merge all of results. And all of this automatically.



golismero [-h] [-R RECURSIVITY] [-t TARGET] [-o OUTPUT] [-F {text,html,csv,xml,scripting,wfuzz}] [-A {all,forms,links}] [-V] [-c] [-x] [-m] [-na] [-nc] [-ns] [-ni] [-nm] [-nl] [-l] [-us HTTP_AUTH_USER] [-ps HTTP_AUTH_PASS] [-C COOKIE] [-P PROXY] [-U] [-f FINGER] [–follow]


optional arguments:
  -h, --help            show this help message and exit
  -R RECURSIVITY        recursivity level of spider. Default=0
  -t TARGET             target web site.
  -o OUTPUT             output file.
  -F {text,html,csv,xml,scripting,wfuzz}
                        output format. "scripting" is perfect to combine with
                        awk,cut,grep.... default=text
  -A {all,forms,links}  Scan only forms, only links or both. Default=all
  -V                    Show version.
  -c                    colorize output. Default=No
  -x, --search-vulns    looking url potentially dangerous and bugs. As default
                        not selected
  -m, --compat-mode     show results as compact format. As default not
  -na, --no-all         implies no-css, no-script, no-images and no-mail. As
                        default not selected.
  -nc, --no-css         don't get css links. As default not selected.
  -ns, --no-script      don't get script links. As default not selected.
  -ni, --no-images      don't get images links. As default not selected.
  -nm, --no-mail        don't get mails (mailto: tags). As default not
  -nl, --no-unparam-links
                        don't get links that have not parameters. As default
                        not selected.
  -l, --long-summary    detailed summary of process. As default not selected.
  -us HTTP_AUTH_USER, --http-auth-user HTTP_AUTH_USER
                        set http authenticacion user. As default is empty.
  -ps HTTP_AUTH_PASS, --http-auth-pass HTTP_AUTH_PASS
                        set http authenticacion pass. As default not empty.
  -C COOKIE, --cookie COOKIE
                        set custom cookie. As default is empty.
  -P PROXY, --proxy PROXY
                        set proxy, as format: IP:PORT. As default is empty.
  -U, --update          update Golismero.
  -f FINGER, --finger FINGER
                        fingerprint web aplication. As default not selected.
                        (not implemented yet)
  --follow              follow redirect. As default not redirect.


cyborg@cyborg:/usr/share/golismero$ sudo cp /usr/bin/golismero /usr/share/golismero/

cyborg@cyborg:/usr/share/golismero$ sudo golismero -t  http://google.com  -o result.txt

GoLISMERO - The Web Knife.

Daniel Garcia Garcia - [email protected] | [email protected]

[ http://google.com ]

  [L1] /search
  [L2] /images/branding/product/ico/googleg_lodp.ico
  [L3] /?hl=en&tab=w8
        | hl = en
        | hl = 
        | tab = w8
        | tab = 
        | Raw:
        | hl=en&hl=&tab=w8&tab=
  [L4] /mail/?tab=wm
        | tab = wm
        | tab = 
        | Raw:
        | tab=wm&tab=
  [L5] /?tab=wo
        | tab = wo
        | tab = 
        | Raw:
        | tab=wo&tab=
  [L6] /preferences
  [L7] /ServiceLogin?hl=en&continue=http://www.google.co.in/%3Fgfe_rd%3Dcr%26ei%3Did8MVr7JFqnG8Ae65owQ
        | hl = en
        | hl = 
        | continue = http://www.google.co.in/%3Fgfe_rd%3Dcr%26ei%3Did8MVr7JFqnG8Ae65owQ
        | continue = 
        | Raw:
        | hl=en&hl=&continue=http://www.google.co.in/%3Fgfe_rd%3Dcr%26ei%3Did8MVr7JFqnG8Ae65owQ&continue=
  [L8] /chrome/browser/
  [L9] /advanced_search
  [L10] /language_tools
  [L11] /intl/en/ads/
  [L12] /104205742743787718296
  [L13] /intl/en/about.html
  [L14] /intl/en/policies/privacy/
  [L15] /intl/en/policies/terms/
  [L16] /images/icons/product/chrome-48.png
  [L17] /logos/doodles/2015/annie-besants-168th-birthday-5735648329728000-hp.jpg

  [F1] f
      | Method: GET
      | Target: /search
      | ---------------
      | [hidden] ie = ISO-8859-1
      | [hidden] hl = en-IN
      | [hidden] source = hp
      | [hidden] biw = 
      | [hidden] bih = 
      | [No info] q = 
      | [submit] btnG = Google Search
      | [submit] btnI = I'm Feeling Lucky
      | [hidden] gbv = 1
      | ---------------
      | Raw:
        ie=ISO-8859-1&hl=en-IN&source=hp&biw=&bih=&q=&btnG=Google Search&btnI=I'm Feeling Lucky&gbv=1 

Total links: 17
Total Forms: 1

cyborg@cyborg:/usr/share/golismero$ cat result.txt 

[ http://google.com ]

  [1] /search
  [2] /images/branding/product/ico/googleg_lodp.ico
  [3] /?hl=en&tab=w8.......

Leave a reply


We're are building as a community and a team. Be a part of it.


©2018 Ztrela Knowledge Solutions Pvt. Ltd

Log in with your credentials

Forgot your details?