Welcome to the GoSpoof Documentation

GoSpoof is a powerful cyber deception tool that brings defensive tooling back into your security toolkit. This tool was directly inspired by portspoof and rebuilt in Go with additional features, making it more efficient and easier to use.

Quick Navigation

For detailed information about each topic, visit:

• Overview - Complete overview of GoSpoof
• Installation Guide - Step-by-step installation
• Configuration - Configuration options
• Command Line Options - All available commands
• Basic Usage - Basic features
• Advanced Usage - Advanced features
• Troubleshooting - Common issues and solutions

About GoSpoof

GoSpoof is a port spoofing tool that helps protect your systems by creating deceptive responses to port scans. As attackers, speed and stealth are crucial during reconnaissance and attacks. Traditional network defenses often focus on blocking or detecting malicious activity, but what if we could make the attacker’s job more difficult and time-consuming?

GoSpoof was created to bring cyber deception tooling back into the defensive toolkit. It’s designed to:

• Significantly slow down and waste scanner resources
• Force attackers to be louder and more aggressive
• Help your SOC notice and isolate potential threats
• Provide early warning of reconnaissance activities

Our research has shown that cyber deception is extremely beneficial, increasing detection rates and reducing compromise. We aim to increase literacy in cyber deception and make these defensive techniques accessible to everyone - from large organizations to individual users, educators, and security researchers.

Key Benefits

• Modern Go implementation for better performance
• Easy deployment and configuration
• Comprehensive logging and monitoring
• Flexible configuration options
• Honeypot mode for threat tracking
• Persistent boot configuration for unattended operation
• Port exclusion for running legitimate services
• Versatile for various security scenarios

Getting Started

1. First, ensure you have the prerequisites:

   • A Linux system with iptables
   • Root/sudo access
   • Basic understanding of port scanning and network security

2. Choose your path:

   • For a quick test drive, see our Quick Start Guide
   • For a full installation, follow our Installation Guide
   • To learn more about using GoSpoof, check out our Basic Usage Guide

Community

GoSpoof is part of our commitment to advancing cyber deception as a legitimate defensive measure. By increasing the ease of use of a classic tool, we hope to make cyber deception more accessible to the cybersecurity community. We welcome contributions, feedback, and ideas to make this tool even better.

Contributing

GoSpoof is an open-source project. If you’d like to contribute, please visit our GitHub repository.

License

GoSpoof is licensed under the Apache-2.0 license.

---

Made with ❤️ by Black Hills Infosec