GourdScanV2 is a passive vulnerability scanning system designed to detect web security issues using customizable scanning rules and automation.
被动式漏洞扫描系统
This tool is primarily used by security professionals and organizations to perform passive vulnerability assessments on web applications without active exploitation. It helps identify potential security flaws such as SQL injection, XSS, LFI, and other injection vulnerabilities by analyzing traffic and responses, enabling safer and automated vulnerability management.
The open-source version includes only simple detection rules to prevent misuse as a hacking tool; users must comply with China's Cybersecurity Law and avoid unauthorized testing. Default credentials are admin:Y3rc_admin and Redis password Y3rc_Alw4ys_B3_W1th_Y0u. For full SQL injection testing, enable and configure the SQLMap API server. Scan rules are multi-leveled and should be tuned to balance detection sensitivity and false positives. Proxy settings must be adjusted when scanning remotely (e.g., setting mix_addr to 0.0.0.0).
Install Redis server (Linux: apt-get install redis-server or compile from source)
Verify Redis version (avoid Redis 2.x due to compatibility issues)
Install Python pip package manager
Run pip install -r requirements.txt using Aliyun PyPI mirror
(Optional) Install libdnet and pylibpcap dependencies if errors occur
For Windows, download Redis-x64-3.2.100.zip and start Redis with provided config
Install Windows dependencies for packet capture if using network capture mode
For macOS, install Homebrew, then install and start Redis
Install pcapy Python package on macOS
Clone and build libdnet on macOS and install its Python bindingsredis-server conf/redis.conf
Start the Redis server with the GourdScan configuration.
python gourdscan.py
Launch the GourdScanV2 passive vulnerability scanner.