You're mid-engagement. You need to transfer a file, catch an SMB hash, or stand up a quick HTTPS server β and python3 -m http.server won't cut it.
goshs is a single-binary file server built for the moments when you need more than Python's SimpleHTTPServer but don't want to configure Apache. HTTP/S, WebDAV, SFTP, SMB, LDAP, basic auth, share links, DNS/SMTP callbacks, NTLM hash capture + cracking β all from one command.
# Serve the current directory on port 8000
goshs
# Serve with HTTPS (self-signed) and basic auth
goshs -s -ss -b user:password
# Capture SMB hashes
goshs -smb -smb-domain CORP
# Capture LDAP credentials and NTLM hashes (with optional wordlist cracking)
goshs -ldap
goshs -ldap -ldap-wordlist /usr/share/wordlists/rockyou.txt
# Catch DNS callbacks and receive emails
goshs -dns -dns-ip 1.2.3.4 -smtp -smtp-domain your-domain.comFor a detailed documentation go to goshs.de
| π File Operations | Download, upload (drag & drop, POST/PUT), delete, bulk ZIP, QR codes |
| π Protocols | HTTP/S, WebDAV, SFTP, SMB, LDAP |
| π Auth & Security | Basic auth, certificate auth, TLS (self-signed, Let's Encrypt, custom cert), IP whitelist, file-based ACLs |
| βοΈ Server Modes | Read-only, upload-only, no-delete, silent, invisible, CLI command execution |
| π Share Links | Token-based sharing, download limit, time limit |
| π― Collaboration / CTF | DNS server, SMTP server, SMB NTLM hash capture + cracking, LDAP credential capture + NTLM hash cracking (JNDI mode for Log4Shell), redirect endpoint, Rev Shell Catcher + Payload generator |
| π Integration | Webhooks, tunnel via localhost.run, config file, JSON API, mDNS |
| π οΈ Misc | Dark/light themes, clipboard, self-update, log output, embed files, drop privileges |
| Method | |
|---|---|
| 𦫠Go | go install goshs.de/goshs/v2@latest |
| π Kali | sudo apt install goshs |
| πΊ Homebrew | brew install goshs |
| πͺ Scoop | scoop bucket add extras && scoop install extras/goshs |
| π³ Docker | docker run --rm -it -p 8000:8000 -v "$PWD:/pwd" patrickhener/goshs:latest -d /pwd |
| π¦ Release | Download from GitHub Releases |
π§ Build yourself
Building requirements are uglify-js and sass. After installing these packages run:
git clone https://github.com/patrickhener/goshs.git
cd goshs
make build-allThese are the awesome contributors that made goshs even more secure β€οΈ
| wooseokdotkim | Guilhem7 |
Join the Discord Community and start connecting.
A special thank you goes to sc0tfree for inspiring this project with his project updog written in Python.