{"id":13842168,"url":"https://github.com/xiecat/goblin","last_synced_at":"2025-04-08T11:09:26.051Z","repository":{"id":42175816,"uuid":"403521741","full_name":"xiecat/goblin","owner":"xiecat","description":"一款适用于红蓝对抗中的仿真钓鱼系统","archived":false,"fork":false,"pushed_at":"2023-05-30T17:39:06.000Z","size":4754,"stargazers_count":1468,"open_issues_count":6,"forks_count":204,"subscribers_count":17,"default_branch":"master","last_synced_at":"2025-04-01T09:32:03.355Z","etag":null,"topics":["blueteam","cybersecurity","goblin","golang-tools","honeypots","phishing","redteam","redteam-tools","security","security-tools"],"latest_commit_sha":null,"homepage":"https://goblin.xiecat.fun/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/xiecat.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-09-06T07:11:53.000Z","updated_at":"2025-04-01T08:46:17.000Z","dependencies_parsed_at":"2024-06-20T14:44:56.841Z","dependency_job_id":"4ca2c5c2-c3b0-40ae-bfbe-69a40bee87cb","html_url":"https://github.com/xiecat/goblin","commit_stats":null,"previous_names":[],"tags_count":30,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xiecat%2Fgoblin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xiecat%2Fgoblin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xiecat%2Fgoblin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xiecat%2Fgoblin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/xiecat","download_url":"https://codeload.github.com/xiecat/goblin/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247829491,"owners_count":21002995,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blueteam","cybersecurity","goblin","golang-tools","honeypots","phishing","redteam","redteam-tools","security","security-tools"],"created_at":"2024-08-04T17:01:28.617Z","updated_at":"2025-04-08T11:09:26.024Z","avatar_url":"https://github.com/xiecat.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"# :fishing_pole_and_fish: Goblin 钓鱼演练工具\n\n[![Latest release](https://img.shields.io/github/v/release/xiecat/goblin)](https://github.com/xiecat/goblin/releases/latest)\n![GitHub Release Date](https://img.shields.io/github/release-date/xiecat/goblin)\n![GitHub All Releases](https://img.shields.io/github/downloads/xiecat/goblin/total)\n[![GitHub issues](https://img.shields.io/github/issues/xiecat/goblin)](https://github.com/xiecat/goblin/issues)\n[![Docker Pulls](https://img.shields.io/docker/pulls/becivells/goblin)](https://hub.docker.com/r/becivells/goblin)\n![Docker Image Size (latest by date)](https://img.shields.io/docker/image-size/becivells/goblin)        \nGoblin 是一款适用于红蓝对抗的钓鱼演练工具。通过反向代理，可以在不影响用户操作的情况下无感知的获取用户的信息，或者诱导用户操作。也可以通过使用代理方式达到隐藏服务端的目的。内置插件，通过简单的配置，快速调整网页内容以达到更好的演练效果\n\n[:ledger: English README](https://github.com/xiecat/goblin/blob/master/README_EN.md)   |   [:pushpin: 下载地址](https://github.com/xiecat/goblin/releases)    |   [:book: 使用文档](https://goblin.xiecat.fun/)\n\n## :collision: 特点: \n\n* 支持缓存静态文件，加速访问\n* 支持 dump 所有请求，dump 匹配规则的请求\n* 支持访问日志输出到 es、syslog、文件等\n* 支持通过插件快速配置，调整不合适的跳转或者内容\n* 支持植入特定的 js\n* 支持修改响应内容或者 goblin 请求的内容\n* 支持通过代理方式隐藏真实 IP\n\n\n## :tv: Demo:\n\ndemo效果演示：\n![image](https://github.com/xiecat/goblin/blob/master/Demo.gif)\n\n快速体验 demo\n1. Flash demo\n```shell\ndocker run -it --rm  -p 8083:8083 -p 8084:8084 -p 8085:8085 -p 8086:8086  becivells/goblin-demo-flash\n```\n本机访问 [http://127.0.0.1:8083](http://127.0.0.1:8083) 示例仓库为: [goblin-flash-demo](https://github.com/xiecat/goblin-demo/tree/master/goblin-demo-flash)\n\n2. 默认代理百度的 demo\n```shell\ndocker run -it --rm -v $(pwd):/goblin/ -p 8084:8084 becivells/goblin\n```\n\n本机访问 [http://127.0.0.1:8084](http://127.0.0.1:8084)\n\n## :computer: 快速部署\n\n\n### Docker 快速部署\n\n运行如下命令获取镜像\n```shell\ndocker pull becivells/goblin\n```\nDockerfile 如下：\n```shell\nFROM scratch\nCOPY goblin /usr/bin/goblin\nENTRYPOINT [\"/usr/bin/goblin\"]\nWORKDIR /goblin\n```\n工作目录在 Goblin ，首先创建目录，切换到目录下，执行\n```shell\ndocker run -it --rm -v $(pwd):/goblin/ -p 8084:8084 becivells/goblin\n```\n\n\n### GitHub 安装\n\n1.访问 [https://github.com/xiecat/goblin/releases](https://github.com/xiecat/goblin/releases) 从中选择适合自己操作系统的二进制文件（注:如果无满足的文件,可进微信群咨询，进群二维码见文末）\n\n2.根据需求修改配置文件的参数，配置文件详细介绍请移步使用文档 [:point_right:配置文件介绍](https://goblin.xiecat.fun/config/)\n\n命令行参数如下\n\n```\nUsage of goblin:\n  -config string\n        Webserver port (default \"goblin.yaml\")\n  -gen-plugin string\n        Generate rule file\n  -log string\n        Webserver log file (default \"goblin.log\")\n  -log-level int\n        Log mode [1-5] 1.dump All logs include GET log and POST log, 2. Record POST log, 3. Record dump log in rules, 4. Record error log, and 5. Record exception exit log (default 2)\n  -print-config\n        print config file\n  -test-notice\n        Test message alarm\n  -v    Show version of goblin\n  -w    Write config to config file\n```\n#### :warning: 注意\n\n如果是在服务器端部署则需要修改 ip 地址如有疑问可以参考 [site](https://goblin.xiecat.fun/config/site.html) 讲解\n\n```yaml\n  Site:\n    server_ip:8084:  ## 修改为域名或者 server ip\n      Listen: 0.0.0.0\n      StaticPrefix: x9ut17jbqa\n      SSL: false\n      CAKey: \"\"\n      CACert: \"\"\n      ProxyPass: https://www.baidu.com\n      Plugin: demo\n```\n\n## :triangular_ruler: 插件系统\n\n\n插件系统介绍详细使用方法见文档[:point_right:插件系统](https://goblin.xiecat.fun/plugin/)\n\n\n## :battery: 高阶用法\n\ngoblin 使用反向代理，前端使用 cf 等代理 Goblin， 即可隐藏 Goblin 主机 具体文档可以参考 [goblin 代理配置](https://goblin.xiecat.fun/guide/proxy.html)\n\n### JS 注入\n\njs 注入有两种方式一种是跟着页面走(Replace 需要自己追加 ` \\\u003cscript\\\u003e ` 标签)，一种是跟着全局 js 文件走各有好处。\n\n这两种其实都是使用 Replace 功能\n\n#### 使用 InjectJs 注入\n\n具体文档可以参考 [goblin InjectJs 模块](https://goblin.xiecat.fun/plugin/injectjs.html)\n\n```yaml\n- url: /base.js # 待替换的js 尽量选择全局 js\n  Match: word   # 匹配方式\n  InjectJs:\n    File: aaa.js # 要替换的 js。 可以为文件或者 url\n```\n\n#### 使用 replace 注入\n\n具体文档可以参考 [goblin Replace 模块](https://goblin.xiecat.fun/plugin/replace.html)\n\n```yaml\n- url: /art_103.html # 待替换的网页\n  Match: Word\n  Replace: # 替换模块\n    - Request:\n        Method: # 匹配到如下请求方式方可替换\n          - GET\n          - POST\n        Header:\n          goblin: 1.0.1  # 替换的 header 头内容。为空则是删除。\n      Response: # 替换的响应内容\n        Body:\n          Append: \"\u003cscript type='text/javascript' src='{{ .Static }}a.js'\u003e\u003c/script\u003e\" # 追加字符串\n```\n\n\n\n## :star: 案例\n\n### [Flash 钓鱼案例](https://goblin.xiecat.fun/example/flash.html)\n\n更多案例请加微信群询问。或者提 issue 酌情增删\n\n\n## :bar_chart: Todo \n\n1. 前端记录输入框输入\n\n\n## :pray: 致谢\n\n\n感谢`小明(Master)`的使用、反馈和建议，[\\_0xf4n9x\\_](https://github.com/_0xf4n9x_) 的建议。[judas](https://github.com/JonCooperWorks/judas) 带来的灵感，还有参考其他项目，才得以快速实现\n\n\n## :speech_balloon: 意见交流\n\n您可以直接在 GitHub 仓库中提交 Issue：https://github.com/xiecat/goblin/issues\n\n与此同时您还可以加入到我们的 Goblin 微信讨论群，但由于目前群已经满 200 人了，所以请加微信 `YmVjaXZlbGxz` 留言 `goblin`，即可申请进入微信群。\n\n\n## :loudspeaker: 免责声明\n本工具仅能在取得足够合法授权的企业安全建设以及攻防演练中使用，在使用本工具过程中，您应确保自己所有行为符合当地的法律法规。 如您在使用本工具的过程中存在任何非法行为，您将自行承担所有后果，本工具所有开发者和所有贡献者不承担任何法律及连带责任。 除非您已充分阅读、完全理解并接受本协议所有条款，否则，请您不要安装并使用本工具。 您的使用行为或者您以其他任何明示或者默示方式表示接受本协议的，即视为您已阅读并同意本协议的约束。\n\n## :laughing: Stargazers\n[![Stargazers over time](https://starchart.cc/xiecat/goblin.svg)](https://starchart.cc/xiecat/goblin)\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxiecat%2Fgoblin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fxiecat%2Fgoblin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxiecat%2Fgoblin/lists"}