https://github.com/gobysec/goby-ai

By simply inputting text or public network links with details of vulnerability Payloads, Goby AI 2.0 can intelligently output PoC/EXP, significantly improving the efficiency of vulnerability reproduction and research.
https://github.com/gobysec/goby-ai

Last synced: about 1 month ago
JSON representation

By simply inputting text or public network links with details of vulnerability Payloads, Goby AI 2.0 can intelligently output PoC/EXP, significantly improving the efficiency of vulnerability reproduction and research.

• Host: GitHub
• URL: https://github.com/gobysec/goby-ai
• Owner: gobysec
• Created: 2024-11-25T07:37:21.000Z (about 1 year ago)
• Default Branch: main
• Last Pushed: 2025-02-19T09:34:19.000Z (11 months ago)
• Last Synced: 2025-02-19T10:31:18.312Z (11 months ago)
• Size: 113 KB
• Stars: 8
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Goby AI 2.0

工具描述：只需输入附带漏洞Payload细节的文本或公网链接，即可智能输出PoC/EXP，实现漏洞检测、实战化漏洞验证，显著提升实战化漏洞复现与研究的效率。

Tool description: Simply input text or public network links containing details of vulnerability Payloads, and Goby AI 2.0 can intelligently output PoC/EXP, enabling vulnerability detection and reproduction, and significantly enhancing the efficiency of practical vulnerability reproduction and research.

**![](https://s3.bmp.ovh/imgs/2024/11/22/e20edd0c3d6f2c30.gif)**

# 2.0 版本描述：

1.支持EXP智能输出；

2.优化转化成功率；

2.支持复杂型漏洞（SQL注入、文件上传等）的EXP转化。

# GobyAI——实战检验

## [*智能生成SQL注入类型漏洞EXP* ](https://github.com/gobysec/Goby-AI/blob/main/GobyAI%E5%AE%9E%E6%88%98%E6%A3%80%E9%AA%8C%EF%BC%9A%E6%99%BA%E8%83%BD%E7%94%9F%E6%88%90SQL%E6%B3%A8%E5%85%A5%E7%B1%BB%E5%9E%8B%E6%BC%8F%E6%B4%9EEXP.md)

简述：以“Supabase 后端服务平台 SQL注入漏洞”为例，展示GobyAI智能生成SQL注入类型漏洞PoC/EXP的方式及实战验证效果。

## [*智能生成文件读取类型漏洞EXP* ](https://github.com/gobysec/Goby-AI/blob/main/GobyAI%E5%AE%9E%E6%88%98%E6%A3%80%E9%AA%8C%EF%BC%9A%E6%99%BA%E8%83%BD%E7%94%9F%E6%88%90%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E7%B1%BB%E5%9E%8B%E6%BC%8F%E6%B4%9EEXP.md)

简述：以“顺景ERP TMScmQuote/GetFile 任意文件读取漏洞”为例，展示GobyAI智能生成文件类型漏洞PoC/EXP的方式及实战验证效果。

## [*智能生成未授权访问类型漏洞EXP* ](https://github.com/gobysec/Goby-AI/blob/main/GobyAI%E5%AE%9E%E6%88%98%E6%A3%80%E9%AA%8C%EF%BC%9A%E6%99%BA%E8%83%BD%E7%94%9F%E6%88%90%E6%9C%AA%E6%8E%88%E6%9D%83%E8%AE%BF%E9%97%AE%E7%B1%BB%E5%9E%8B%E6%BC%8F%E6%B4%9EEXP.md)

简述：以“金和 OA SAP_B1Config.aspx未授权访问漏洞”为例，展示GobyAI智能生成文件类型漏洞PoC/EXP的方式及实战验证效果。

# 工具获取方式：

下载Goby 最新2.9.10 beta版本：https://gobysec.net/#dl

当前Goby AI 2.0 为内测版本！全版本用户免费测试使用！点击"AI"按钮，按照引导流程参与内测

**![](https://s3.bmp.ovh/imgs/2024/11/22/745c9c7f98940cc0.webp)**

**[Goby 官网: https://gobysec.net/](https://gobysec.net/)** 

如果您有任何反馈建议，您可通过提交 issue 或是以下方式联系我们：

1. GitHub issue:[https://github.com/gobysec/Goby-AI/issues](https://github.com/gobysec/Goby-AI/issues)

2. Goby AI 2.0 交流群：关注公众号“GobySec“，回复暗号“加群”

3. 推特：[https://twitter.com/GobySec](https://twitter.com/GobySec)