gitea-mirror/sif
1
0
Fork 0
mirror of https://github.com/lunchcat/sif.git synced 2026-04-28 03:23:07 -07:00
Code Issues Packages Projects Releases Wiki Activity
335 Commits 14 Branches 61 Tags
main
Commit Graph

335 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
vmfunc
db24c59498 feat: add lfi reconnaissance module (#49) 
adds a new --lfi flag for local file inclusion vulnerability scanning:
- tests common lfi parameters with directory traversal payloads
- detects /etc/passwd, /etc/shadow, windows system files
- identifies php wrappers and encoded content
- supports various bypass techniques (null bytes, encoding)

closes #4
 2026-01-02 18:41:30 -08:00
vmfunc
4392e33179 feat: add sql reconnaissance module (#48) 
adds a new --sql flag that performs sql reconnaissance on target urls:
- detects common database admin panels (phpmyadmin, adminer, pgadmin, etc.)
- identifies database error disclosure (mysql, postgresql, mssql, oracle, sqlite)
- scans common paths for sql injection indicators

closes #3
 2026-01-02 18:40:06 -08:00
vmfunc
080ab10f56 fix: remove duplicate subdomain takeover call and add config tests (#46) 
- remove duplicate SubdomainTakeover call that ran twice when both
  dns scan and --st flag were enabled
- add comprehensive tests for config settings defaults and behavior
- fix formatting in dork.go

closes #1
 2026-01-02 18:38:47 -08:00
vmfunc
4a77307acf Merge pull request #47 from vmfunc/feat/shodan-integration 
feat: add shodan integration for host reconnaissance
 2026-01-02 18:35:56 -08:00
vmfunc
d44dbb7f48 feat: add shodan integration for host reconnaissance 
adds a new --shodan flag that queries the shodan api for information
about the target host. requires SHODAN_API_KEY environment variable.

features:
- resolves hostnames to ip addresses
- queries shodan host api for reconnaissance data
- displays organization, isp, location, ports, services, and vulns
- logs results to file when logdir is specified

closes #2
 2026-01-02 18:24:37 -08:00
vmfunc
1bf927b895 fix: update dependencies to address security vulnerabilities 
- golang.org/x/crypto v0.26.0 -> v0.46.0 (critical: ssh auth bypass)
- golang.org/x/net v0.28.0 -> v0.48.0 (medium: xss vulnerability)
- golang.org/x/oauth2 v0.11.0 -> v0.34.0 (high: input validation)
- quic-go v0.48.2 -> v0.58.0 (high: panic on undecryptable packets)
- golang-jwt/jwt v4.5.1 -> v4.5.2 (high: memory allocation)
- cloudflare/circl v1.3.7 -> v1.6.2 (low: validation issues)
- refraction-networking/utls v1.5.4 -> v1.8.1 (medium: tls downgrade)
- ulikunitz/xz v0.5.11 -> v0.5.15 (medium: memory leak)
- klauspost/compress v1.16.7 -> v1.17.4

also fixes go vet warnings for non-constant format strings
 2026-01-02 18:03:27 -08:00
vmfunc
0e3e43a1f3 fix: update readme badges and use banner image 
- update badges to point to vmfunc/sif
- replace ascii art with banner image
- fix header check action to check first 5 lines
- remove obsolete LICENSE.md
 2026-01-02 17:54:17 -08:00
vmfunc
8230edf30b chore: delete old license 2026-01-02 17:45:14 -08:00
vmfunc
d30c7f56a3 license: switch to bsd 3-clause, update headers and readme 
- replace proprietary license with bsd 3-clause
- update all go file headers with new retro terminal style
- add header-check github action to enforce license headers
- completely rewrite readme to be modern, sleek, and lowercase
- fix broken badges
 2026-01-02 17:41:18 -08:00
vmfunc
1379dd9952 test: add basic unit tests for scan package 
adds tests for subdomain takeover detection, robots.txt fetching,
and result struct validation using httptest mock servers.
automated-release-421965e 		2026-01-02 17:27:50 -08:00
vmfunc
925b84d22b chore: add golangci-lint configuration 
enables errcheck, govet, staticcheck, unused, gosimple,
ineffassign, and misspell linters
 2026-01-02 17:21:58 -08:00
vmfunc
ecb2e147c2 docs: update minimum go version to 1.23 in contributing guide 2026-01-02 17:21:38 -08:00
vmfunc
5c92b6ae4d fix: handle errors instead of ignoring them 
- dork.go: log and skip on googlesearch.Search error
- nuclei.go: return error on os.Getwd and reporting.New failures
- subdomaintakeover.go: return early on io.ReadAll error
 2026-01-02 17:21:21 -08:00
vmfunc
75350458c1 chore: update github actions to latest versions 
- update actions/checkout from v2/v3 to v4 across all workflows
- update reviewdog actions to latest versions
- update jetbrains/qodana-action to v2024.3
- update actions/dependency-review-action to v4
- replace deprecated actions/create-release and upload-release-asset
  with softprops/action-gh-release@v2
 2026-01-02 17:20:01 -08:00
vmfunc
21c85974cd chore: upgrade to go 1.25 and ignore claude files 
- update go.mod to use go 1.23 with toolchain go1.25.5
- add CLAUDE.md and .claude/ to .gitignore
 2026-01-02 17:13:16 -08:00
vmfunc
3d2e75b525 Merge pull request #41 from vmfunc/dependabot/go_modules/go_modules-dd59f798d0 
build(deps): bump github.com/quic-go/quic-go from 0.42.0 to 0.48.2 in the go_modules group
 2026-01-02 17:11:27 -08:00
vmfunc
bc07d1ad4e fix: update go version check to support go 1.20+ 
the makefile was checking for go 1.23 specifically, which breaks builds
on newer go versions (1.24, 1.25, etc). this updates the regex to allow
any go version 1.20 or higher.
 2026-01-02 17:10:05 -08:00
vmfunc
ca5c79b44c Merge pull request #43 from ag-wnl/agwnl/update-makefile-go 
Update Makefile to support latest version of Go
 2025-10-26 17:22:41 +01:00
vmfunc
450fcb8efd Update README.md automated-release-bef84ce 2025-04-18 16:41:37 +02:00
ag-wnl
34d190731a chore: update to be compatible with all minor Go updates 2025-03-15 15:26:09 +05:30
ag-wnl
cfe681d793 chore: update makefile to latest go version 2025-03-15 15:19:54 +05:30
dependabot[bot]
1d4673c078 build(deps): bump github.com/quic-go/quic-go in the go_modules group 
Bumps the go_modules group with 1 update: [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go).


Updates `github.com/quic-go/quic-go` from 0.42.0 to 0.48.2
- [Release notes](https://github.com/quic-go/quic-go/releases)
- [Changelog](https://github.com/quic-go/quic-go/blob/master/Changelog.md)
- [Commits](https://github.com/quic-go/quic-go/compare/v0.42.0...v0.48.2)

---
updated-dependencies:
- dependency-name: github.com/quic-go/quic-go
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-02 17:51:08 +00:00
vmfunc
1253515f0b actions<breaking>: remove PR-specific actions 
(needs to be fixed)
 2024-11-22 03:28:17 -05:00
vmfunc
5b4b43011b design: readme fixes automated-release-9636888 2024-11-14 09:09:35 +01:00
vmfunc
ebdba0721c design: update product banner automated-release-3d431bd 2024-11-14 06:53:41 +01:00
vmfunc
806e8b0970 design: update banner automated-release-ef014de 2024-11-14 06:51:54 +01:00
vmfunc
1a0245840e Merge pull request #38 from lunchcat/dependabot/go_modules/go_modules-403cefacee 
build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 in the go_modules group
 2024-11-05 00:36:18 +01:00
dependabot[bot]
8a0ed28bd5 build(deps): bump github.com/golang-jwt/jwt/v4 in the go_modules group 
Bumps the go_modules group with 1 update: [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt).


Updates `github.com/golang-jwt/jwt/v4` from 4.5.0 to 4.5.1
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](https://github.com/golang-jwt/jwt/compare/v4.5.0...v4.5.1)

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v4
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-04 23:33:18 +00:00
vmfunc
c3805c7aee fix<dork>: properly process feature flag automated-release-057b997 2024-10-22 09:15:36 +02:00
vmfunc
ceb8712204 ci: various improvements to workflow automated-release-85654f6 2024-10-15 02:51:52 +02:00
vmfunc
b335a45a82 chore<format>: gofmt whitespace removal automated-release-aff6fea 2024-10-15 02:32:48 +02:00
vmfunc
1048a97355 feat<sif>: log scan overview automated-release-ee77dd8 2024-10-15 00:14:59 +02:00
vmfunc
cceb60a423 fix<contrib>: fix contributor file automated-release-5add3a7 2024-10-13 00:56:23 +02:00
vmfunc
bf5fd7c566 fix: replace modules with features automated-release-e9bd112 2024-10-13 00:49:12 +02:00
vmfunc
16a73f274b feat: improve readme automated-release-3e5849d 2024-10-13 00:44:50 +02:00
vmfunc
fcc0ba0ea4 Merge pull request #36 from lunchcat/all-contributors/add-projectdiscovery 
docs: add projectdiscovery as a contributor for platform
 2024-10-13 00:32:48 +02:00
vmfunc
b619ed026a Merge branch 'main' into all-contributors/add-projectdiscovery 2024-10-13 00:32:41 +02:00
vmfunc
26b35c1cbc Merge pull request #35 from lunchcat/all-contributors/add-macdoos 
docs: add macdoos as a contributor for code
 2024-10-13 00:31:55 +02:00
vmfunc
4a51ddda95 Merge branch 'main' into all-contributors/add-macdoos 2024-10-13 00:31:50 +02:00
vmfunc
3eae11695d Merge pull request #34 from lunchcat/all-contributors/add-D3adPlays 
docs: add D3adPlays as a contributor for ideas
 2024-10-13 00:31:10 +02:00
vmfunc
c29227d26b Merge branch 'main' into all-contributors/add-D3adPlays 2024-10-13 00:31:04 +02:00
vmfunc
0279ea9b0a Merge pull request #33 from lunchcat/all-contributors/add-tessa-u-k 
docs: add tessa-u-k as a contributor for infra, question, and userTesting
 2024-10-13 00:30:16 +02:00
vmfunc
dfe8004544 Merge branch 'main' into all-contributors/add-tessa-u-k 2024-10-13 00:27:32 +02:00
vmfunc
2816887a7a Merge pull request #32 from lunchcat/all-contributors/add-xyzeva 
docs: add xyzeva as a contributor for blog, content, and 4 more
 2024-10-13 00:25:45 +02:00
allcontributors[bot]
ae82c2066d docs: update .all-contributorsrc 2024-10-12 22:25:28 +00:00
allcontributors[bot]
cebfe62bcf docs: update README.md 2024-10-12 22:25:27 +00:00
allcontributors[bot]
a79ffd08d4 docs: update .all-contributorsrc 2024-10-12 22:25:16 +00:00
allcontributors[bot]
22fba38ff6 docs: update README.md 2024-10-12 22:25:15 +00:00
allcontributors[bot]
dd28daf795 docs: update .all-contributorsrc 2024-10-12 22:25:08 +00:00
allcontributors[bot]
7c080e99a8 docs: update README.md 2024-10-12 22:25:07 +00:00