A blazing-fast, comprehensive reconnaissance tool built in Go for modern security professionals.
π Quick Start β’ π Documentation β’ β¨ Features β’ π€ Contributing β’ π¬ Community
BannerGrapV2.1.mp4
BannerGrapV2 is a next-generation reconnaissance tool designed for both Red Teams and Blue Teams, combining speed, accuracy, and comprehensive reporting into a single powerful package.
By this DevSecOps Based' tool you can-> Recon, vuln discovery, brute force, attack surface mapping, reporting, exploit probing,Asset inventory, vuln management, credential hygiene, exposure monitoring, IR, compliance.
- π΄ Red Team Operations - Attack surface mapping and exploitation
- π΅ Blue Team Defense - Asset inventory and vulnerability management
- π Bug Bounty Hunters - Quick reconnaissance and discovery
- π‘οΈ Security Auditors - Compliance and security assessments
- π§ DevSecOps Engineers - CI/CD security integration
|
|
|
|
- Go 1.21 or higher
- Linux, macOS, or Windows
- Root/Administrator privileges (for some scan types)
# Linux/macOS
curl -L https://github.com/MrEchoFi/BannerGrapV2/releases/latest/download/bannergrapv2-linux-amd64 -o bannergrapv2
chmod +x bannergrapv2
sudo mv bannergrapv2 /usr/local/bin/
bannergrapv2
bannergrapv2 -h
# Windows (PowerShell)
Invoke-WebRequest -Uri "https://github.com/MrEchoFi/BannerGrapV2/releases/latest/download/bannergrapv2-windows-amd64.exe" -OutFile "bannergrapv2.exe"# Clone the repository
git clone https://github.com/MrEchoFi/BannerGrapV2.git
cd BannerGrapV2
# Build
go build -o bannergrapv2 .
# Optional: Install globally
sudo mv bannergrapv2 /usr/local/bin/go install github.com/MrEchoFi/BannerGrapV2@latest# using "Docker" for Containerized performence with safety/lab:
git clone <github link>
cd BannerGrapV2
[+] run the tool and follow its 'bannerGrap_Guid or Usage.txt';
but specially read & follow this-> 'New_advanced_bashScripts.md' for full usage of guidelines.
By this guidline u can use this tool in aggressive mode, basic mode and intermediate mode.
# Build the Docker image
docker build -t bannerv2 .
# then run:
docker run bannerv2
### Test Tool in Container with more clean (Optional):
docker run --rm bannerv2
[+]NOTE: follow the guidline- 'New_advanced_bashScripts.md' for better bash scripting. ### Minikube Setup:
# This will spin up your local K8s cluster using your WSL2 Docker
minikube start --driver=docker
# Optional: enable the default storageclass and dashboard
minikube addons enable default-storageclass
minikube addons enable dashboard
# OR You can directly run this :
chmod +x start_banner.sh
# then run:
./start_banner.sh
[+] run the tool and follow its 'bannerGrap_Guid or Usage.txt';
but specially read & follow this-> 'New_advanced_bashScripts.md' for full usage of guidelines.
By this guidline u can use this tool in aggressive mode, basic mode and intermediate mode.
# Convert using 'chmod':
chmod +x run_bannerv2.sh
# THEN Run like this:
./run_bannerv2.sh <target ip> <port> --proto http https --threads 20 --timeout 8 --o scan.csv --v
[+] //follow the guidline- 'New_advanced_bashScripts.md' for better bash scripting .. Flags:
-f string
File containing newline-separated targets (host or host:port)
-proto string
Protocol to use: http (default), https, ftp, smtp, ssh, telnet, custom
-port string
Override port for every target (overrides both target ports and defaults)
-payload string
Custom payload to send (default is protocol-specific)
-timeout int
Connection + read timeout in seconds (default 5)
-threads int
Number of simultaneous connections (default 10)
-o string
Output file path (.json or .csv, txt inferred by extension; console if empty)
-h help
# Version & Help:
go run bannerGrap.go --version
go run bannerGrap.go -h
# Scan a single host
go run bannerGrap.go example.com
go run bannerGrap.go example.com:80
# or,
bannergrapv2 192.168.1.1
# Scan multiple hosts
bannergrapv2 -f targets.txt
# or,
go run bannerGrap.go -f targets.txt
go run bannerGrap.go -f targets.txt -proto http
go run bannerGrap.go -f targets.txt -proto https
go run bannerGrap.go -f targets.txt -proto ftp
go run bannerGrap.go -f targets.txt -proto smtp
go run bannerGrap.go -f targets.txt -proto ssh
go run bannerGrap.go -f targets.txt -proto telnet
go run bannerGrap.go -f targets.txt -proto custom
go run bannerGrap.go -f targets.txt -proto custom -payload "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
go run bannerGrap.go -f targets.txt -proto custom -payload "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" -timeout 10
go run bannerGrap.go -f targets.txt -proto custom -payload "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" -timeout 10 -threads 5
# Custom Payloads: Send your own payload(SMTP VRFY or EXPN, FTP USER, etc.)
go run bannerGrap.go -proto smtp -payload "VRFY postmaster\r\n" mail.example.com
go run bannerGrap.go -proto smtp -payload "EXPN postmaster\r\n" mail.example.com
go run bannerGrap.go -proto ftp -payload "USER anonymous\r\n" ftp.example.com
go run bannerGrap.go -proto ssh -payload "SSH-2.0-OpenSSH_7.4\r\n" ssh.example.com
go run bannerGrap.go -proto telnet -payload "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" telnet.example.com
go run bannerGrap.go -proto custom -payload "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" custom.example.com
go run bannerGrap.go -proto custom -payload "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" custom.example.com:8080
go run bannerGrap.go -proto custom -payload "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" custom.example.com:8080 -timeout 10
# Scan with custom ports
bannergrapv2 192.168.1.1 -ports 80,443,8080,3306
### Save with output ###
# JSON output:
go run bannerGrap.go -f hosts.txt -o results.json
# CSV output:
go run bannerGrap.go -f hosts.txt -o results.csv
# Text output:
go run bannerGrap.go -f hosts.txt -o results.txt
# Console output:
go run bannerGrap.go -f hosts.txt
# JSON output with custom payload:
go run bannerGrap.go -f hosts.txt -proto custom -payload "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" -o results.json
# CSV output with custom payload:
go run bannerGrap.go -f hosts.txt -proto custom -payload "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" -o results.csv
#Text output with custom payload:
go run bannerGrap.go -f hosts.txt -proto custom -payload "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" -o results.txt
#Console output with custom payload:
go run bannerGrap.go -f hosts.txt -proto custom -payload "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
#JSON output with custom payload and timeout:
go run bannerGrap.go -f hosts.txt -proto custom -payload "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" -timeout 10 -o results.json
# CSV output with custom payload and timeout:
go run bannerGrap.go -f hosts.txt -proto custom -payload "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" -timeout 10 -o results.csv
# Text output with custom payload and timeout and threads and port and protocol:
go run bannerGrap.go -f hosts.txt -proto custom -payload "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n" -timeout 10 -threads 5 -port 80 -proto http -o results.txt
# Full scan with all features
# βExtremeβ Combined:
[+] Scan 1,000 hosts, all on port 443 via HTTPS, with custom headers, 200 concurrent workers, and dump to CSV:
go run bannerGrap.go \
-f thousand_hosts.txt \
-proto https \
-port 443 \
-payload "GET /status HTTP/1.1\r\nHost: %s\r\nUser-Agent: BannerBot/1.0\r\n\r\n" \
-threads 200 \
-timeout 3 \
-o full_scan.csv
//Scan 1,000 hosts, all on port 443 via HTTPS, with custom headers, 200 concurrent workers, and dump to JSON:
go run bannerGrap.go \
-f thousand_hosts.txt \
-proto https \
-port 443 \
-payload "GET /status HTTP/1.1\r\nHost: %s\r\nUser-Agent: BannerBot/1.0\r\n\r\n" \
-threads 200 \
-timeout 3 \
-o full_scan.json
//Scan 1,000 hosts, all on port 443 via HTTPS, with custom headers, 200 concurrent workers, and dump to console:
go run bannerGrap.go \
-f thousand_hosts.txt \
-proto https \
-port 443 \
-payload "GET /status HTTP/1.1\r\nHost: %s\r\nUser-Agent: BannerBot/1.0\r\n\r\n" \
-threads 200 \
-timeout 3 \
-o full_scan.txt
//Scan 1,000 hosts, all on port 443 via HTTPS, with custom headers, 200 concurrent workers, and dump to console:
go run bannerGrap.go \
-f thousand_hosts.txt \
-proto https \
-port 443 \
-payload "GET /status HTTP/1.1\r\nHost: %s\r\nUser-Agent: BannerBot/1.0\r\n\r\n" \
-threads 200 \
-timeout 3 \
-o full_scan.txt
[+] // Massive HTTPS Scan with Custom Header & CSV Output: Scan 10 000 domains over TLS, 500 threads, 2 s timeout, dump to CSV-
go run bannerGrap.go \
-f ten_thousand_domains.txt \
-proto https \
-port 443 \
-payload "GET / HTTP/1.1\r\nHost: %s\r\nUser-Agent: AggroBot/5.0\r\nAccept: */*\r\n\r\n" \
-threads 500 \
-timeout 2 \
-o https_scan_results.csv
// Massive HTTPS Scan with Custom Header & JSON Output: Scan 10 000 domains over TLS, 500 threads, 2 s timeout, dump to JSON-
go run bannerGrap.go \
-f ten_thousand_domains.txt \
-proto https \
-port 443 \
-payload "GET / HTTP/1.1\r\nHost: %s\r\nUser-Agent: AggroBot/5.0\r\nAccept: */*\r\n\r\n" \
-threads 500 \
-timeout 2 \
-o https_scan_results.json
// Massive HTTPS Scan with Custom Header & Console Output: Scan 10 000 domains over TLS, 500 threads, 2 s timeout, dump to console-
go run bannerGrap.go \
-f ten_thousand_domains.txt \
-proto https \
-port 443 \
-payload "GET / HTTP/1.1\r\nHost: %s\r\nUser-Agent: AggroBot/5.0\r\nAccept: */*\r\n\r\n" \
-threads 500 \
-timeout 2 \
-o https_scan_results.txt
3.3] Ultra-Fast HTTP Sweep on IP Range: Hit 192.168.1.1β254 on port 80 with 254 threads and 1 s timeout-
go run bannerGrap.go \
-f thousand_hosts.txt \
-proto http \
-port 80 \
-payload "GET / HTTP/1.1\r\nHost: %s\r\nUser-Agent: AggroBot/5.0\r\nAccept: */*\r\n\r\n" \
-threads 254 \
-timeout 1 \
-o http_sweep.csv
//////
go run banner_grabber.go \
-f <(for i in $(seq 1 254); do echo \"192.168.1.$i\"; done) \
-proto http \
-threads 254 \
-timeout 1
-o http_sweep.csv
-o http_sweep.json
-o http_sweep.txt
[+} SMTP Banner Harvesting in Bulk (JSON): Pull EHLO banners from mail servers list, override port to 25, output JSON-
//Pull EHLO banners from mail servers list, override port to 25, output JSON-
go run bannerGrap.go \
-f mail_hosts.txt \
-proto smtp \
-port 25 \
-threads 100 \
-timeout 5 \
-o smtp_banners.json
//Pull HTTP banners from web servers list, override port to 80, output CSV-
go run bannerGrap.go \
-f web_hosts.txt \
-proto http \
-port 80 \
-threads 50 \
-timeout 3 \
-o http_banners.csv
//Pull FTP banners from FTP servers list, override port to 21, output JSON-
go run bannerGrap.go \
-f ftp_hosts.txt \
-proto ftp \
-port 21 \
-threads 20 \
-timeout 2 \
-o ftp_banners.json
//Pull SSH banners from SSH servers list, output JSON-
go run bannerGrap.go \
-f ssh_hosts.txt \
-proto ssh \
-threads 10 \
-timeout 5 \
-o ssh_banners.json
//Pull Telnet banners from Telnet servers list, output CSV-
go run bannerGrap.go \
-f telnet_hosts.txt \
-proto telnet \
-threads 10 \
-timeout 5 \
-o telnet_banners.csv
//Pull custom banners from custom servers list, output JSON-
go run bannerGrap.go \
-f custom_hosts.txt \
-proto custom \
-payload "GET / HTTP/1.1\r\nHost: %s\r\n\r\n" \
-threads 10 \
-timeout 5 \
-o custom_banners.json
[+] FTP Anonymous Banner Grab: Scan FTP servers (file lists mixed hostnames & IPs), force port 21, no custom payload needed-
go run bannerGrap.go \
-f ftp_targets.txt \
-proto ftp \
-port 21 \
-threads 150 \
-timeout 4 \
-o ftp_banners.csv
[+] SSH Welcome Message Blitz: Read SSH welcomes from 1 000 hosts, port 22, high concurrency, console output-
go run bannerGrap.go \
-f thousand_hosts.txt \
-proto ssh \
-port 22 \
-threads 300 \
-timeout 3
[+] Telnet Service Fingerprinting: Connect to Telnet on mixed IPv4 & IPv6 targets, port 23-
go run bannerGrap.go \
-f mixed_targets.txt \
-proto telnet \
-port 23 \
-threads 100 \
-timeout 5 \
-o telnet_fingerprints.json
[+] Custom TCP Payload for Proprietary Service: Send a proprietary βHELLO\nβ payload to a custom daemon on port 9000-
go run bannerGrap.go \
-f custom_daemon_hosts.txt \
-proto custom \
-port 9000 \
-payload "HELLO\n" \
-threads 50 \
-timeout 6 \
-o daemon_responses.csv
[+] Mixed-Protocol One-Liner:Scan HTTP, then HTTPS, then SMTP sequentially (three invocations) on a single host:
go run bannerGrap.go example.com # HTTP:80
go run bannerGrap.go -proto https example.com # HTTPS:443
go run bannerGrap.go -proto smtp example.com:25 # SMTP:25
[+] Internal LAN Audit: Check local hostnames and IPs in internal_targets.txt, console output-
go run banner_grabber.go \
-f internal_targets.txt \
-threads 50 \
-timeout 3
[+]IPv6-Only Enumeration:Scan a list of IPv6 hosts on HTTPS, 100 threads-
go run bannerGrap.go \
-f ipv6_hosts.txt \
-proto https \
-port 443 \
-threads 100 \
-timeout 4 \bannergrapv2 example.com -ports 80,443 -ssl-check -http-headersOutput:
__________ ________
\______ \_____ ____ ____ ___________ / _____/___________ ______ ____ ____
| | _/\__ \ / \ / \_/ __ \_ __ \/ \ __\_ __ \__ \ \____ \ / ___\ / _ \
| | \ / __ \| | \ | \ ___/| | \/\ \_\ \ | \// __ \| |_> > / /_/ > <_> )
|______ /(____ /___| /___| /\___ >__| \______ /__| (____ / __/ /\ \___ / \____/
\/ \/ \/ \/ \/ \/ \/|__| \/ /_____/
[+] Target: example.com (93.184.216.34)
[+] Open Ports: 80, 443
PORT SERVICE VERSION VULNERABILITIES
80 HTTP nginx/1.18.0 None detected
443 HTTPS nginx/1.18.0 (TLS) TLS 1.0 Deprecated (Low)
[+] SSL Certificate:
Subject: CN=example.com
Issuer: DigiCert Inc
Valid: 2024-01-01 to 2025-01-01
Grade: A
[β] Scan completed in 2.34s
go run bannerGrap.go 192.168.1.0/24 -threads 200 -output network-scan.json
or,
bannergrapv2 192.168.1.0/24 -threads 200 -output network-scan.jsonbannergrapv2 vulnerable-site.com -vuln-scan -format html -output vuln-report.html# .github/workflows/security-scan.yml
bannergrapv2 production-hosts.txt -vuln-scan -format json -output scan-results.jsonCreate a config.yaml file:
# BannerGrapV2 Configuration
general:
threads: 100
timeout: 10
retries: 3
verbose: true
scan:
common_ports: true
port_range: "1-10000"
service_detection: true
ssl_analysis: true
vulnerability:
enabled: true
cve_database: "local" # or "online"
min_severity: "medium"
output:
format: "json"
directory: "./reports"
timestamp: true
brute_force:
enabled: false
username_list: "usernames.txt"
password_list: "passwords.txt"Run with config:
bannergrapv2 -config config.yaml -target 192.168.1.1βββ bannerGrap
βββ bannerGrap.go
βββ bannergrapv2-darwin-amd64
βββ bannergrapv2-darwin-arm64
βββ bannergrapv2-linux-amd64
βββ BannerGrapV2_Security_Scanner_Tool_1d0e04fd-c100-4173-88b9-52a99f69fc2b.jpeg
βββ bannergrapv2-windows-amd64.exe
βββ bannerv2-deploy.yaml
βββ bannerv2-job.yaml
βββ bannerv2-service.yaml
βββ build_and_run.sh
βββ CONTRIBUTING.md
βββ Dockerfile
βββ docs
βΒ Β βββ auditing.md
βΒ Β βββ bannerGrap_Guide_of_Usage.md
βΒ Β βββ bug-bounty.md
βΒ Β βββ cicd.md
βΒ Β βββ cli-reference.md
βΒ Β βββ configuration.md
βΒ Β βββ New_advanced_bashScripts.md
βΒ Β βββ output-formats.md
βΒ Β βββ pentesting.md
βΒ Β βββ scan-techniques.md
βββ go.mod
βββ go.sum
βββ LICENSE
βββ README.md
βββ report.html
βββ run_bannerv2.sh
βββ SECURITY.md
βββ start_banner.sh
We love contributions! π
- π Report bugs
- π‘ Suggest new features
- π Improve documentation
- π§ Submit pull requests
- β Star the project
- Fork the repository
- Create your feature branch
git checkout -b feature/AmazingFeature- Commit your changes
git commit -m 'Add some AmazingFeature'- Push to the branch
git push origin feature/AmazingFeature- Open a Pull Request
Read our Contributing Guide for detailed information.
Found a security vulnerability? Please DO NOT open a public issue.
Email: tanjibisham777@gmail.com
See our Security Policy for more information.
This project is licensed under the MIT License - see the LICENSE file for details.
- Thanks to all contributors
- Inspired by tools like Nmap, Masscan, and Shodan
- Built with β€οΈ using Go
Join our growing community!
- Core banner grabbing functionality
- Multi-threaded scanning
- Basic vulnerability detection
- Plugin system
- Integration with Metasploit & Nmap
- Docker container support
- Kubernetes operator
See the open issues for a full list of proposed features.
MrEchoFi (Md. Abu Naser Nayeem / Tanjib Isham)
- π Cybersecurity Researcher
- π‘οΈ DevSecOps & Penetration Testing Specialist
- π Portfolio: https://echo-fi-portfolio-node-js.vercel.app
Best Regards ~ MrEchoFi
Happy HackNight
