shadow1ng/fscan

Fscan is a command-line security scanning tool written in Go for testing internal networks. It is designed for penetration testers and IT security staff who have been given permission to check a network for weaknesses. The README states it is only for legally authorized security work on systems you own or have authorization to test, and the author takes no responsibility for unauthorized use. On the scanning side, fscan can find which machines on a network are live, scan their ports, and identify what services are running on each one, covering over 20 service types. For websites it reads page titles, detects the underlying software stack, and checks for web application firewalls or content delivery networks from a database of over 40 signatures. The tool can also test over 28 common services for weak passwords, including SSH, RDP, SMB, FTP, MySQL, MSSQL, Oracle, and Redis, using a built-in list of frequently used credentials. Fscan also checks for specific known vulnerabilities: certain critical Windows flaws, services that have no authentication at all such as open Redis or MongoDB instances, and web application issues using proof-of-concept scripts in formats compatible with other security tools. Once on a machine, local modules can gather system information, collect credentials from memory, and set up persistent access or reverse connections. Output can be saved as plain text, JSON, or CSV. Scans can be run through HTTP or SOCKS5 proxies, rate-limited to avoid overwhelming routers, and fine-tuned with separate thread counts for port scanning versus service detection. A built-in web interface, enabled at compile time, lets you manage scan tasks visually. The project ships documentation in both Chinese and English, includes a Docker-based practice range for learning, and is part of a curated list of Chinese open-source security tools. A lighter version rewritten in C for environments with limited resources is also planned.