mandiant

mandiant / gopacket

Public

Gopacket is a clean implementation of Impacket, a library intended for working with network protocols.

62
2
69% credibility
Found Apr 18, 2026 at 62 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Go
AI Summary

A toolkit of Go programs for examining and interacting with Windows network services like Active Directory, including user enumeration and credential retrieval.

How It Works

1
🔍 Discover gopacket

You hear about gopacket from a security friend who uses it to check Windows networks for weaknesses.

2
📥 Get it ready

Download the folder and run the simple setup script to prepare all the helpful tools on your computer.

3
🔗 Point to your network

Tell it the address of your Windows server or domain you want to explore.

4
🛡️ Pick your check

Choose a tool like the secrets finder or login tester to scan for hidden info.

5
Watch it uncover details

Hit go and see it safely pull network user info, passwords, or service details without harm.

6
📊 Review your findings

Look at the clear report of what it found, like user lists or security gaps.

Strengthen your setup

Use the insights to fix vulnerabilities and make your Windows network much safer.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 62 to 62 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is gopacket?

Gopacket delivers a clean Go implementation of Impacket, packing 63 CLI tools and 24 library packages for working with network protocols like SMB, LDAP, Kerberos, and DCE/RPC. It handles Active Directory enumeration, credential dumping (secretsdump, DCSync), remote execution (psexec, wmiexec), and NTLM relaying— all as static binaries with no Python deps. Users get proxychains-ready commands for packet sniffing (gopacket pcap), reassembly, and routing, plus a tutorial-friendly library for custom gopacket apps.

Why is it gaining traction?

Attackers are swapping Python for Go/Rust binaries like Sliver; gopacket matches Impacket feature-for-feature (Kerberoasting, RBCD, golden tickets) in a compile-once-run-anywhere format defenders can study on the wire. Proxychains hooks, Kerberos/NTLM auth, and REST APIs in ntlmrelayx make it ops-friendly without deps. The library shines for gopacket http relays or trading protocol tweaks.

Who should use this?

Red teamers running AD attacks without Python baggage, blue teamers tuning detections against real Go tooling, and Go devs prototyping network protocol clients. Perfect for pentesters hitting Windows domains or building gopacket newpacketsource apps.

Verdict

Grab it if you're in security testing—beta status shows in 62 stars and 0.7% credibility score, but lab-tested cores and Mandiant polish make it viable now. Pair with Impacket for edge validation; low maturity means test thoroughly before prod.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.