vmfunc
046a5bc7d7
ci: add test coverage reporting to workflow
...
run tests with race detector and coverage profiling, upload results
to codecov for visibility into test coverage metrics
2026-01-03 05:57:09 -08:00
vmfunc
295d684054
ci: enhance golangci-lint with additional linters
...
add gocritic, revive, unconvert, prealloc, bodyclose, noctx, and
exportloopref for better code quality detection
2026-01-03 05:57:09 -08:00
vmfunc
8cb4a85a99
Merge pull request #51 from andrewgazelka/chore/modernize-nix-flake
...
chore(nix): modernize flake to use buildGoModule
2026-01-03 00:38:59 -08:00
Andrew Gazelka
f2c8cc71b2
chore(nix): modernize flake to use buildGoModule
...
- Remove flake-utils dependency (use local forAllSystems helper)
- Remove gomod2nix dependency (use native buildGoModule)
- Add overlay export for easy consumption
- Update nixpkgs to latest unstable
- Disable tests in nix build (require network access)
2026-01-03 00:25:37 -08:00
vmfunc
01fa28555b
docs: update contributor name and add vxfemboy
2026-01-02 19:56:44 -08:00
vmfunc
29478f087a
chore: fix contributorrc
2026-01-02 19:55:31 -08:00
vmfunc
7b3f4a4f2f
chore: fix contributorrc
2026-01-02 19:51:03 -08:00
vmfunc
563f3817ce
Merge pull request #40 from vmfunc/feat/framework-detection
...
feat: framework detection module
2026-01-02 19:15:07 -08:00
vmfunc
20ea60cd70
fix: adjust sif logo alignment
2026-01-02 19:12:28 -08:00
vmfunc
5eac60f696
fix: improve version detection and add documentation
...
- fix version detection to validate reasonable version numbers (major < 100)
- remove overly permissive patterns that caused false positives
- add comprehensive framework contribution documentation to CONTRIBUTING.md
- document signature patterns, version detection, and CVE data format
- add configuration documentation for flags and env vars
- outline future enhancements for community contributions
2026-01-02 19:04:37 -08:00
vmfunc
e02e1554ea
docs: add framework detection to readme
2026-01-02 18:54:24 -08:00
vmfunc
816b89328c
feat: expand framework detection with cvs, version confidence, concurrency
...
- add 20+ new framework signatures (vue, angular, react, svelte, sveltekit,
remix, gatsby, joomla, magento, shopify, ghost, ember, backbone, meteor,
strapi, adonisjs, cakephp, codeigniter, asp.net core, spring boot)
- add version confidence scoring with multiple detection sources
- add concurrent framework scanning for better performance
- expand cve database with 15+ known vulnerabilities (spring4shell, etc.)
- add risk level assessment based on cve severity
- add comprehensive security recommendations
- add new tests for all features
2026-01-02 18:52:15 -08:00
vmfunc
af9d05f6b2
chore: add license header to detect.go
2026-01-02 18:52:15 -08:00
vmfunc
138bdf35aa
feat: improve framework detection with more signatures and tests
...
- use math.Exp instead of custom exp implementation
- add more framework signatures: next.js, nuxt.js, wordpress, drupal,
symfony, fastapi, gin, phoenix
- fix header detection to check both header names and values
- simplify version detection (remove unnecessary padding)
- add comprehensive test suite for framework detection
- fix formatting in dork.go
2026-01-02 18:52:15 -08:00
vmfunc
494a84e338
chore(actions): add framework to CI
2026-01-02 18:52:15 -08:00
vmfunc
3bc7a2463d
feat(framework-detection): weighted bayesian detection algorithm
...
- weighted signature matching for more accurate framework detection
- sigmoid normalization for confidence scores
- version detection with semantic versioning support
- header-only pattern
2026-01-02 18:52:15 -08:00
vmfunc
a08239bb1c
feat: framework detection module
2026-01-02 18:52:15 -08:00
vmfunc
ecf71be01f
fix: use static discord badge instead of server id
2026-01-02 18:45:07 -08:00
vmfunc
29709103be
docs: update readme with new modules and discord link
2026-01-02 18:42:45 -08:00
vmfunc
db24c59498
feat: add lfi reconnaissance module ( #49 )
...
adds a new --lfi flag for local file inclusion vulnerability scanning:
- tests common lfi parameters with directory traversal payloads
- detects /etc/passwd, /etc/shadow, windows system files
- identifies php wrappers and encoded content
- supports various bypass techniques (null bytes, encoding)
closes #4
2026-01-02 18:41:30 -08:00
vmfunc
4392e33179
feat: add sql reconnaissance module ( #48 )
...
adds a new --sql flag that performs sql reconnaissance on target urls:
- detects common database admin panels (phpmyadmin, adminer, pgadmin, etc.)
- identifies database error disclosure (mysql, postgresql, mssql, oracle, sqlite)
- scans common paths for sql injection indicators
closes #3
2026-01-02 18:40:06 -08:00
vmfunc
080ab10f56
fix: remove duplicate subdomain takeover call and add config tests ( #46 )
...
- remove duplicate SubdomainTakeover call that ran twice when both
dns scan and --st flag were enabled
- add comprehensive tests for config settings defaults and behavior
- fix formatting in dork.go
closes #1
2026-01-02 18:38:47 -08:00
vmfunc
4a77307acf
Merge pull request #47 from vmfunc/feat/shodan-integration
...
feat: add shodan integration for host reconnaissance
2026-01-02 18:35:56 -08:00
vmfunc
d44dbb7f48
feat: add shodan integration for host reconnaissance
...
adds a new --shodan flag that queries the shodan api for information
about the target host. requires SHODAN_API_KEY environment variable.
features:
- resolves hostnames to ip addresses
- queries shodan host api for reconnaissance data
- displays organization, isp, location, ports, services, and vulns
- logs results to file when logdir is specified
closes #2
2026-01-02 18:24:37 -08:00
vmfunc
1bf927b895
fix: update dependencies to address security vulnerabilities
...
- golang.org/x/crypto v0.26.0 -> v0.46.0 (critical: ssh auth bypass)
- golang.org/x/net v0.28.0 -> v0.48.0 (medium: xss vulnerability)
- golang.org/x/oauth2 v0.11.0 -> v0.34.0 (high: input validation)
- quic-go v0.48.2 -> v0.58.0 (high: panic on undecryptable packets)
- golang-jwt/jwt v4.5.1 -> v4.5.2 (high: memory allocation)
- cloudflare/circl v1.3.7 -> v1.6.2 (low: validation issues)
- refraction-networking/utls v1.5.4 -> v1.8.1 (medium: tls downgrade)
- ulikunitz/xz v0.5.11 -> v0.5.15 (medium: memory leak)
- klauspost/compress v1.16.7 -> v1.17.4
also fixes go vet warnings for non-constant format strings
2026-01-02 18:03:27 -08:00
vmfunc
0e3e43a1f3
fix: update readme badges and use banner image
...
- update badges to point to vmfunc/sif
- replace ascii art with banner image
- fix header check action to check first 5 lines
- remove obsolete LICENSE.md
2026-01-02 17:54:17 -08:00
vmfunc
8230edf30b
chore: delete old license
2026-01-02 17:45:14 -08:00
vmfunc
d30c7f56a3
license: switch to bsd 3-clause, update headers and readme
...
- replace proprietary license with bsd 3-clause
- update all go file headers with new retro terminal style
- add header-check github action to enforce license headers
- completely rewrite readme to be modern, sleek, and lowercase
- fix broken badges
2026-01-02 17:41:18 -08:00
vmfunc
1379dd9952
test: add basic unit tests for scan package
...
adds tests for subdomain takeover detection, robots.txt fetching,
and result struct validation using httptest mock servers.
automated-release-421965e
2026-01-02 17:27:50 -08:00
vmfunc
925b84d22b
chore: add golangci-lint configuration
...
enables errcheck, govet, staticcheck, unused, gosimple,
ineffassign, and misspell linters
2026-01-02 17:21:58 -08:00
vmfunc
ecb2e147c2
docs: update minimum go version to 1.23 in contributing guide
2026-01-02 17:21:38 -08:00
vmfunc
5c92b6ae4d
fix: handle errors instead of ignoring them
...
- dork.go: log and skip on googlesearch.Search error
- nuclei.go: return error on os.Getwd and reporting.New failures
- subdomaintakeover.go: return early on io.ReadAll error
2026-01-02 17:21:21 -08:00
vmfunc
75350458c1
chore: update github actions to latest versions
...
- update actions/checkout from v2/v3 to v4 across all workflows
- update reviewdog actions to latest versions
- update jetbrains/qodana-action to v2024.3
- update actions/dependency-review-action to v4
- replace deprecated actions/create-release and upload-release-asset
with softprops/action-gh-release@v2
2026-01-02 17:20:01 -08:00
vmfunc
21c85974cd
chore: upgrade to go 1.25 and ignore claude files
...
- update go.mod to use go 1.23 with toolchain go1.25.5
- add CLAUDE.md and .claude/ to .gitignore
2026-01-02 17:13:16 -08:00
vmfunc
3d2e75b525
Merge pull request #41 from vmfunc/dependabot/go_modules/go_modules-dd59f798d0
...
build(deps): bump github.com/quic-go/quic-go from 0.42.0 to 0.48.2 in the go_modules group
2026-01-02 17:11:27 -08:00
vmfunc
bc07d1ad4e
fix: update go version check to support go 1.20+
...
the makefile was checking for go 1.23 specifically, which breaks builds
on newer go versions (1.24, 1.25, etc). this updates the regex to allow
any go version 1.20 or higher.
2026-01-02 17:10:05 -08:00
vmfunc
ca5c79b44c
Merge pull request #43 from ag-wnl/agwnl/update-makefile-go
...
Update Makefile to support latest version of Go
2025-10-26 17:22:41 +01:00
vmfunc
450fcb8efd
Update README.md
automated-release-bef84ce
2025-04-18 16:41:37 +02:00
ag-wnl
34d190731a
chore: update to be compatible with all minor Go updates
2025-03-15 15:26:09 +05:30
ag-wnl
cfe681d793
chore: update makefile to latest go version
2025-03-15 15:19:54 +05:30
dependabot[bot]
1d4673c078
build(deps): bump github.com/quic-go/quic-go in the go_modules group
...
Bumps the go_modules group with 1 update: [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go ).
Updates `github.com/quic-go/quic-go` from 0.42.0 to 0.48.2
- [Release notes](https://github.com/quic-go/quic-go/releases )
- [Changelog](https://github.com/quic-go/quic-go/blob/master/Changelog.md )
- [Commits](https://github.com/quic-go/quic-go/compare/v0.42.0...v0.48.2 )
---
updated-dependencies:
- dependency-name: github.com/quic-go/quic-go
dependency-type: indirect
dependency-group: go_modules
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-12-02 17:51:08 +00:00
vmfunc
1253515f0b
actions<breaking>: remove PR-specific actions
...
(needs to be fixed)
2024-11-22 03:28:17 -05:00
vmfunc
5b4b43011b
design: readme fixes
automated-release-9636888
2024-11-14 09:09:35 +01:00
vmfunc
ebdba0721c
design: update product banner
automated-release-3d431bd
2024-11-14 06:53:41 +01:00
vmfunc
806e8b0970
design: update banner
automated-release-ef014de
2024-11-14 06:51:54 +01:00
vmfunc
1a0245840e
Merge pull request #38 from lunchcat/dependabot/go_modules/go_modules-403cefacee
...
build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 in the go_modules group
2024-11-05 00:36:18 +01:00
dependabot[bot]
8a0ed28bd5
build(deps): bump github.com/golang-jwt/jwt/v4 in the go_modules group
...
Bumps the go_modules group with 1 update: [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt ).
Updates `github.com/golang-jwt/jwt/v4` from 4.5.0 to 4.5.1
- [Release notes](https://github.com/golang-jwt/jwt/releases )
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md )
- [Commits](https://github.com/golang-jwt/jwt/compare/v4.5.0...v4.5.1 )
---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v4
dependency-type: indirect
dependency-group: go_modules
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-04 23:33:18 +00:00
vmfunc
c3805c7aee
fix<dork>: properly process feature flag
automated-release-057b997
2024-10-22 09:15:36 +02:00
vmfunc
ceb8712204
ci: various improvements to workflow
automated-release-85654f6
2024-10-15 02:51:52 +02:00
vmfunc
b335a45a82
chore<format>: gofmt whitespace removal
automated-release-aff6fea
2024-10-15 02:32:48 +02:00