chainreactors

chainreactors/gogo

Go GPL-3.0 Security

面向红队的, 高性能高度自由可拓展的自动化扫描引擎 | A highly controllable and extensionable automated scanning engine for red teams

2.1k stars
196 forks
active
GitHub +3 / week

2.1k

Stars

196

Forks

19

Open issues

3

Contributors

AI Analysis

Gogo is a high-performance automated reconnaissance and vulnerability scanning engine purpose-built for red team operations, supporting active/passive fingerprinting, nuclei POC integration, and heuristic scanning modes. It is specifically designed for network reconnaissance professionals and penetration testers who need fine-grained control over scanning behavior, minimal packet footprint, and DSL-based customization—not for general security scanning or non-specialized users.

Security Security Tool Discovery value: 6/10
Documentation 8/10
Activity 9/10
Community 7/10
Code quality 5/10

Inferred from signals mentioned in the README (tests, CI, type safety) — not a review of the actual code.

Overall score 8/10

AI's overall editorial judgment — not an average of the bars above, can weigh other factors too.

red-team-tooling network-reconnaissance vulnerability-scanning golang-native extensible-dsl
Actively maintained Well documented Niche/specialized use case Production ready
Deep Analysis · Based on README and public signals
1w ago

Go-based reconnaissance scanner for red teams with tunable port configs, fingerprinting, and Nuclei PoC support.

Gogo is a Go-written automated scanning engine designed for penetration testers and red teamers. It focuses on port scanning, service fingerprinting, vulnerability PoC execution via Nuclei, and information extraction with emphasis on minimizing packet overhead and memory use. The project targets operators who need fine-grained control over scan behavior and scope. Real-world adoption remains modest but concentrated within Chinese security communities; adoption outside this region is not verified.

Origin

Created June 2022, Gogo emerged during the wider adoption of Go for security tooling. The project was positioned as an alternative to general-purpose scanners, emphasizing red team workflows and DSL-driven customization. A blog post introducing the project appeared in November 2022.

Growth

Stars grew to ~2,094 by mid-2026, with forks at 196 and recent weekly growth of 6 stars. The project has remained consistently active with a push on 2026-06-29, suggesting ongoing maintenance. Growth has been steady rather than explosive, reflecting adoption in a specialized segment rather than broad mainstream traction.

In production

Adoption not verified beyond assumed use within Chinese red team communities. No public case studies, company endorsements, or documented large-scale deployments mentioned. The project appears in security tool aggregators and has generated discussion in Chinese security circles, but adoption outside that region and among enterprises is not evidenced.

Code analysis
Architecture

Appears to be a modular Go application with pluggable port configuration (via tags and ranges), passive/active fingerprinting modes, Nuclei integration for PoC execution, and a DSL-driven workflow system. The README indicates minimal external dependencies ('纯原生go编写'—pure native Go). Heuristic scanning modes (smart, supersmart) suggest layered reconnaissance strategies. Exact implementation details cannot be verified from README alone.

Tests

Not documented in README. No mention of test suites, CI/CD pipelines, or testing methodology.

Maintenance

Recent push on 2026-06-29 (within 4 days of evaluation date 2026-07-03) indicates active maintenance. Steady star accumulation and fork count suggest continued interest. No evidence of abandonment or multi-month gaps in commits visible from metadata.

Honest verdict

ADOPT IF: you are a red teamer or pentester who values minimal packet overhead, customizable workflows via DSL, and integrated fingerprinting + PoC execution in a single statically-linked binary, and you operate primarily in environments where Go can run (including legacy Windows). AVOID IF: you need broad, community-validated PoC libraries (Nuclei's public templates vastly exceed Gogo's), enterprise support, or cross-platform GUI tooling. MONITOR IF: you work in environments where Gogo's templates repository (chainreactors/templates) gains significant expansion, or if adoption in non-Chinese-speaking communities begins to materialize.

Independent dimensions

Mainstream potential

3/10

Technical importance

6/10

Adoption evidence

4/10

Risks
  • Adoption outside Chinese-speaking security communities is not verified; language barrier (README and documentation primarily in Chinese) may limit discoverability and contribution.
  • Ecosystem dependency on chainreactors/templates repository; if template maintenance slows, PoC coverage stagnates relative to rapidly-evolving public exploits.
  • No visible test suite, CI/CD pipeline, or code review process documented; maintenance quality and security vetting opaqueness.
  • Narrow specialization in red team workflows may limit appeal to enterprises seeking vendor-neutral, widely-audited scanning infrastructure.
  • Integration with Nuclei (via 'neutron' fork) creates maintenance burden if upstream Nuclei changes significantly or this fork diverges.
Prediction

Gogo will likely remain a stable, moderately-adopted tool within specialized red team and Chinese security operator communities. Mainstream enterprise adoption is unlikely without broader English documentation, public security audits, and template ecosystem growth beyond Chinese sources. The project will persist in maintenance mode with slow, steady growth.

0 found this helpful

Newsletter

Get analyses like this every Monday

Free weekly digest of the most interesting open-source discoveries.

Languages

Go
98.5%
Shell
0.9%
Python
0.6%
Batchfile
0%

Information

Language
Go
License
GPL-3.0
Last updated
6d ago
Created
50mo ago
Analyzed with
anthropic/claude-haiku-4-5

Stars over time

Loading…

Contributors over time

Top 100 contributors only — repos with more will plateau at 100.

Loading…

Similar repos

chainreactors

chainreactors/spray

Spray is a high-performance HTTP directory fuzzer written in Go, designed for...

yogeshojha

yogeshojha/rengine

reNgine is an automated reconnaissance framework for web application...

8.7k HTML Security
go-vgo

go-vgo/robotgo

RobotGo is a Go library for cross-platform desktop automation, GUI control, and...

10.7k Go Dev Tools
vs. alternatives
Nuclei (projectdiscovery/nuclei)

Nuclei is a PoC runner; Gogo wraps Nuclei (via 'neutron' fork) as one component within a broader scanner combining port enumeration, fingerprinting, and workflow orchestration. Nuclei dominates template sharing; Gogo adds infrastructure orchestration.

Nmap + Nessus

Gogo targets different use cases—speed, minimal packet overhead, and red team DSL customization over comprehensive vulnerability scoring. Nmap/Nessus are enterprise-oriented; Gogo is operator-centric.

Shodan CLI / Censys

Gogo is local/internal-network scanning; Shodan/Censys are passive internet-scale reconnaissance. Different problem domains.

Metasploit auxiliary modules

Gogo focuses on scanning and fingerprinting; Metasploit provides post-exploitation. Gogo is more granular on enumeration; Metasploit is broader but heavier.

Masscan + custom scripts

Gogo offers integrated fingerprinting, PoC, and DSL; Masscan is a raw port scanner. Gogo trades raw speed for higher-level orchestration.