Download
GOAD (Gather Open Attack Data) is a security reconnaissance framework for collecting, enriching, and visualizing open-source intelligence (OSINT) around hosts, domains, and certificates. It automates queries to certificate transparency logs, passive DNS, subdomain enumeration, web endpoints, and other public threat feeds. The tool aggregates results into structured formats and can produce interactive graphs to highlight relationships between entities (e.g. domain → IP → cert → ASN). Analysts can filter, cluster, and explore these relationships to identify infrastructure patterns, potential subdomains, or attack surfaces. Integrations may include metadata like geolocation, WHOIS, and risk scoring to prioritize leads. GOAD helps teams transition from fragmented OSINT tools to a unified reconnaissance dashboard where exploration and filtering are first-class.
Features
- Multiple size options: full lab (many VMs), “Light”, “MiniLab” options with fewer VMs / simpler setups depending on resources
- Infrastructure-as-Code support: includes scripts/playbooks, templating, Docker / Vagrant provisions etcetera
- Ready made vulnerable configurations: misconfigurations, typical AD weak points etcetera to practice exploits / detection / defense
- Several domains and forests, with variety in Windows Server / Client OS versions etcetera to simulate realistic environments
- Documentation of lab exercises, extensions, optional modules etcetera to expand or customize the lab
- Warnings and cautions; license clarifications; guidance to isolate the environments; ability to use lab safely without exposing to internet etcetera
Project Samples
