GoExec is a modern offensive security framework developed in Go, designed to perform high-speed network enumeration, authentication testing, and remote execution tasks across distributed enterprise environments.
GoExec is built around several core engineering principles.
Performance through concurrency
The framework utilizes Go routines and asynchronous task execution to perform large-scale network operations efficiently across thousands of hosts.
Modular and extensible architecture
Each protocol and capability is implemented as an independent module. This approach allows new protocols, execution techniques, and enumeration capabilities to be added without impacting the core framework.
Clean and maintainable codebase
The project prioritizes readable, maintainable code to ensure long-term sustainability and encourage community contribution.
GoExec is designed to support a wide range of offensive security operations including:
-
Massively parallel authentication testing and credential spraying across large host ranges.
-
Remote execution modules for interacting with systems after successful authentication.
-
Active Directory enumeration capabilities for gathering information about domains, users, groups, and network resources.
-
Protocol-based modular support including SMB, LDAP, WinRM, and SSH.
-
Structured JSON output for seamless integration with automation tools, pipelines, and security platforms.
-
Plugin-based architecture that enables the rapid development of additional modules and capabilities.
GoExec is designed for environments where high-speed network interaction and scalable automation are required.
- Red team engagements and adversary simulation
- Security research and tool development
- Enterprise Active Directory lab environments
- Capture the Flag (CTF) exercises
- Offensive security engineering workflows
GoExec is intended solely for authorized security testing, research, and educational purposes.
Users are responsible for ensuring they have explicit permission before performing any form of network testing. The developers assume no liability for misuse of this tool or for actions taken by individuals using the framework.