Skip to content

Architecture Overview

Jump to bottom
Jacob Paullus edited this page Apr 17, 2026 · 2 revisions

Architecture Overview

┌─────────────────────────────────────────────────────────┐
│                     Your Tool (main.go)                 │
├─────────────────────────────────────────────────────────┤
│  pkg/flags     - CLI flag parsing                       │
│  pkg/session   - Target & credential management         │
├─────────────────────────────────────────────────────────┤
│  pkg/smb       - SMB2/3 client                          │
│  pkg/ldap      - LDAP/LDAPS client                      │
│  pkg/dcerpc    - DCE/RPC + 15 service implementations   │
│  pkg/kerberos  - Kerberos 5 client & ticket operations  │
│  pkg/ntlm      - NTLM authentication protocol           │
│  pkg/tds       - SQL Server TDS protocol                │
│  pkg/mqtt      - MQTT protocol client                   │
├─────────────────────────────────────────────────────────┤
│  pkg/relay     - NTLM relay framework                   │
├─────────────────────────────────────────────────────────┤
│  pkg/security  - Security descriptors, ACLs, SIDs       │
│  pkg/ese       - ESE database parser (NTDS.dit)         │
│  pkg/registry  - Windows registry hive parser           │
│  pkg/ntfs      - NTFS filesystem parser                 │
│  pkg/dpapi     - DPAPI decryption                       │
├─────────────────────────────────────────────────────────┤
│  pkg/structure - Binary serialization helpers           │
│  pkg/utf16le   - UTF-16LE string encoding               │
│  pkg/transport - Proxy-aware TCP dialer                 │
└─────────────────────────────────────────────────────────┘

Standard Tool Pattern

Every gopacket tool follows the same structure:

package main

import (
    "fmt"
    "gopacket/pkg/flags"
    "gopacket/pkg/session"
    "gopacket/pkg/smb"  // or ldap, dcerpc, etc.
)

func main() {
    // 1. Parse unified CLI flags
    opts := flags.Parse()
    if opts.TargetStr == "" {
        fmt.Println("Usage: mytool [options] target")
        return
    }

    // 2. Parse target string (domain/user:pass@host)
    target, creds, err := session.ParseTargetString(opts.TargetStr)
    if err != nil {
        fmt.Printf("[-] %v\n", err)
        return
    }

    // 3. Apply CLI flags to session (hashes, kerberos, dc-ip, etc.)
    opts.ApplyToSession(&target, &creds)

    // 4. Prompt for password if needed
    session.EnsurePassword(&creds)

    // 5. Create protocol client and connect
    client := smb.NewClient(target, &creds)
    defer client.Close()

    if err := client.Connect(); err != nil {
        fmt.Printf("[-] Connection failed: %v\n", err)
        return
    }

    // 6. Do your work
    shares, _ := client.ListShares()
    for _, share := range shares {
        fmt.Printf("[+] %s\n", share)
    }
}

Clone this wiki locally