What Changed in v2.1.1

New Features

🖥️ TUI Dashboard (--tui)

An interactive full-screen terminal dashboard powered by Bubble Tea. Start goshs with --tui to get situational awareness over SSH without port-forwarding the web UI.

• Live event panes for HTTP, DNS, SMB, LDAP, SMTP, Shells and Clipboard
• Full keyboard navigation — switch panes, scroll, open detail views, export logs
• Clipboard management directly from the terminal (a add, d delete, C clear)
• SMTP attachment saving to disk (s)
• Reverse shell management without leaving the terminal:
  • Start / stop / restart listeners (a, d, r)
  • Attach to sessions interactively (i / Enter, detach with Ctrl+])
  • Upgrade Unix shells to a full PTY (u)
  • Upgrade Windows shells via ConPtyShell (U)
• Export pane logs to JSON (e / E)
• TTL countdown shown in the status bar when --ttl is set

⏱️ TTL Self-Destruct (--ttl)

Arms a graceful shutdown timer. goshs will automatically stop after the given duration — useful for time-boxed engagements or automation.

goshs --ttl 2h
goshs --tui --catcher -dns -dns-ip 10.10.14.5 --ttl 4h

Accepts standard Go duration strings (30m, 2h, 1h30m, …). Also configurable via the JSON config file ("ttl": 7200 in seconds).

Changes

🔒 ConPtyShell no longer embedded in the binary

ConPtyShell.ps1 is no longer compiled into the goshs binary to avoid antivirus false positives. Instead, goshs serves it on demand at /ConPtyShell.ps1?conpty:

1. If a ConPtyShell.ps1 exists in the webroot, that copy is used (pin your own version or work air-gapped).
2. Otherwise goshs downloads it from the upstream GitHub repository on first request and caches it in memory.

The route is exempt from authentication so a caught Windows host can always fetch it.

Dependency Updates

• Bump codecov/codecov-action from 6 to 7
• Bump github/codeql-action to 4.36.2
• Bump actions/checkout to 6.0.3