Celeste Hickenlooper
ac879e069c
feat: add shodan integration for host reconnaissance
...
adds a new --shodan flag that queries the shodan api for information
about the target host. requires SHODAN_API_KEY environment variable.
features:
- resolves hostnames to ip addresses
- queries shodan host api for reconnaissance data
- displays organization, isp, location, ports, services, and vulns
- logs results to file when logdir is specified
closes #2
2026-01-02 18:24:37 -08:00
Celeste Hickenlooper
816ecd1e46
fix: update dependencies to address security vulnerabilities
...
- golang.org/x/crypto v0.26.0 -> v0.46.0 (critical: ssh auth bypass)
- golang.org/x/net v0.28.0 -> v0.48.0 (medium: xss vulnerability)
- golang.org/x/oauth2 v0.11.0 -> v0.34.0 (high: input validation)
- quic-go v0.48.2 -> v0.58.0 (high: panic on undecryptable packets)
- golang-jwt/jwt v4.5.1 -> v4.5.2 (high: memory allocation)
- cloudflare/circl v1.3.7 -> v1.6.2 (low: validation issues)
- refraction-networking/utls v1.5.4 -> v1.8.1 (medium: tls downgrade)
- ulikunitz/xz v0.5.11 -> v0.5.15 (medium: memory leak)
- klauspost/compress v1.16.7 -> v1.17.4
also fixes go vet warnings for non-constant format strings
2026-01-02 18:03:27 -08:00
Celeste Hickenlooper
df6ca7924b
license: switch to bsd 3-clause, update headers and readme
...
- replace proprietary license with bsd 3-clause
- update all go file headers with new retro terminal style
- add header-check github action to enforce license headers
- completely rewrite readme to be modern, sleek, and lowercase
- fix broken badges
2026-01-02 17:41:18 -08:00
Celeste Hickenlooper
421965e993
test: add basic unit tests for scan package
...
adds tests for subdomain takeover detection, robots.txt fetching,
and result struct validation using httptest mock servers.
2026-01-02 17:27:50 -08:00
Celeste Hickenlooper
a26888bd3c
fix: handle errors instead of ignoring them
...
- dork.go: log and skip on googlesearch.Search error
- nuclei.go: return error on os.Getwd and reporting.New failures
- subdomaintakeover.go: return early on io.ReadAll error
2026-01-02 17:21:21 -08:00
vmfunc
057b997960
fix<dork>: properly process feature flag
2024-10-22 09:15:36 +02:00
vmfunc
aff6fea45d
chore<format>: gofmt whitespace removal
2024-10-15 02:32:48 +02:00
vmfunc
ac5e618695
chore<comments>: bunch of AI-generated comments to make the codebase easier to understand
2024-10-12 23:06:22 +02:00
vmfunc
2340e7a23f
feat<st>: subdomain takeover checks
2024-10-12 22:52:27 +02:00
vmfunc
0f8e0fea13
feat<c3>: AWS c3 detection
2024-10-12 22:28:31 +02:00
vmfunc
0226bff095
feat<headers>: http header analysis
2024-10-12 22:15:56 +02:00
vmfunc
0e83a0778d
feat<cms>: CMS detection
2024-10-12 22:10:06 +02:00
mel
bd69d337f3
fix<whois>: typos in logfile creation
2024-07-29 04:26:39 +00:00
vmfunc
d2281c3c4a
feat: add Template support to config
2024-07-10 05:01:35 -04:00
xyzeva
235c8cc1a4
feat: implement api mode
2024-06-22 12:09:50 +03:00
xyzeva
e7425f1a40
feat: implement basic js scanning
2024-06-22 11:01:03 +03:00
macdoos
80062533c9
Proper logging
2024-06-15 23:31:34 +02:00
macdoos
dd1af9744f
Add function to scan.go
2024-06-15 22:22:03 +02:00
vmfunc
db25276bf9
dirlist: handle 403
2024-04-15 02:43:03 +02:00
syscats
d54dcb2a21
feat: WHOIS support
2024-02-04 15:09:50 +01:00
syscats
50dd77248c
fix: fix case for module function declaration <api>
2024-02-04 14:27:46 +01:00
syscats
a40c54f382
chore: create base api output function
2024-02-04 14:18:16 +01:00
syscats
16baaa253c
feat: handle API flag
2024-02-04 14:08:39 +01:00
Sol Fisher Romanoff
d87d923692
fix: make log files a pointer
2023-09-14 20:48:59 +03:00
Sol Fisher Romanoff
264d37e8eb
lint: go fmt -s
2023-09-14 20:48:59 +03:00
Sol Fisher Romanoff
8ab889182e
Move import repositories to dropalldatabases
2023-09-14 20:48:45 +03:00
Sol Fisher Romanoff
28d0c10a23
Use nuclei API to scan nuclei templates
2023-09-14 20:48:28 +03:00
Sol Fisher Romanoff
979be3c5c6
Refactor
2023-09-14 20:46:47 +03:00
