gitea-mirror/sif
1
0
Fork 0
mirror of https://github.com/lunchcat/sif.git synced 2026-01-13 05:16:44 -08:00
Code Issues Packages Projects Releases Wiki Activity
184 Commits 12 Branches 47 Tags
3ba18a956a01ffdbdd007c4ddcff7bc0240fac4e
Commit Graph

184 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Celeste Hickenlooper
3ba18a956a feat: add sql reconnaissance module (#48) 
adds a new --sql flag that performs sql reconnaissance on target urls:
- detects common database admin panels (phpmyadmin, adminer, pgadmin, etc.)
- identifies database error disclosure (mysql, postgresql, mssql, oracle, sqlite)
- scans common paths for sql injection indicators

closes #3
 2026-01-02 18:40:06 -08:00
Celeste Hickenlooper
44842dd659 fix: remove duplicate subdomain takeover call and add config tests (#46) 
- remove duplicate SubdomainTakeover call that ran twice when both
  dns scan and --st flag were enabled
- add comprehensive tests for config settings defaults and behavior
- fix formatting in dork.go

closes #1
 2026-01-02 18:38:47 -08:00
Celeste Hickenlooper
2cfdc511f0 Merge pull request #47 from vmfunc/feat/shodan-integration 
feat: add shodan integration for host reconnaissance
 2026-01-02 18:35:56 -08:00
Celeste Hickenlooper
ac879e069c feat: add shodan integration for host reconnaissance 
adds a new --shodan flag that queries the shodan api for information
about the target host. requires SHODAN_API_KEY environment variable.

features:
- resolves hostnames to ip addresses
- queries shodan host api for reconnaissance data
- displays organization, isp, location, ports, services, and vulns
- logs results to file when logdir is specified

closes #2
 2026-01-02 18:24:37 -08:00
Celeste Hickenlooper
816ecd1e46 fix: update dependencies to address security vulnerabilities 
- golang.org/x/crypto v0.26.0 -> v0.46.0 (critical: ssh auth bypass)
- golang.org/x/net v0.28.0 -> v0.48.0 (medium: xss vulnerability)
- golang.org/x/oauth2 v0.11.0 -> v0.34.0 (high: input validation)
- quic-go v0.48.2 -> v0.58.0 (high: panic on undecryptable packets)
- golang-jwt/jwt v4.5.1 -> v4.5.2 (high: memory allocation)
- cloudflare/circl v1.3.7 -> v1.6.2 (low: validation issues)
- refraction-networking/utls v1.5.4 -> v1.8.1 (medium: tls downgrade)
- ulikunitz/xz v0.5.11 -> v0.5.15 (medium: memory leak)
- klauspost/compress v1.16.7 -> v1.17.4

also fixes go vet warnings for non-constant format strings
automated-release-816ecd1 		2026-01-02 18:03:27 -08:00
Celeste Hickenlooper
42d16bd68c fix: update readme badges and use banner image 
- update badges to point to vmfunc/sif
- replace ascii art with banner image
- fix header check action to check first 5 lines
- remove obsolete LICENSE.md
automated-release-42d16bd automated-release-80ca5a1 		2026-01-02 17:54:17 -08:00
Celeste Hickenlooper
a0d6719fc6 chore: delete old license automated-release-df6ca79 2026-01-02 17:45:14 -08:00
Celeste Hickenlooper
df6ca7924b license: switch to bsd 3-clause, update headers and readme 
- replace proprietary license with bsd 3-clause
- update all go file headers with new retro terminal style
- add header-check github action to enforce license headers
- completely rewrite readme to be modern, sleek, and lowercase
- fix broken badges
 2026-01-02 17:41:18 -08:00
Celeste Hickenlooper
421965e993 test: add basic unit tests for scan package 
adds tests for subdomain takeover detection, robots.txt fetching,
and result struct validation using httptest mock servers.
automated-release-421965e 		2026-01-02 17:27:50 -08:00
Celeste Hickenlooper
a945afffd0 chore: add golangci-lint configuration 
enables errcheck, govet, staticcheck, unused, gosimple,
ineffassign, and misspell linters
 2026-01-02 17:21:58 -08:00
Celeste Hickenlooper
1199fdf815 docs: update minimum go version to 1.23 in contributing guide 2026-01-02 17:21:38 -08:00
Celeste Hickenlooper
a26888bd3c fix: handle errors instead of ignoring them 
- dork.go: log and skip on googlesearch.Search error
- nuclei.go: return error on os.Getwd and reporting.New failures
- subdomaintakeover.go: return early on io.ReadAll error
 2026-01-02 17:21:21 -08:00
Celeste Hickenlooper
dba9c4b3ab chore: update github actions to latest versions 
- update actions/checkout from v2/v3 to v4 across all workflows
- update reviewdog actions to latest versions
- update jetbrains/qodana-action to v2024.3
- update actions/dependency-review-action to v4
- replace deprecated actions/create-release and upload-release-asset
  with softprops/action-gh-release@v2
 2026-01-02 17:20:01 -08:00
Celeste Hickenlooper
0e4de7872e chore: upgrade to go 1.25 and ignore claude files 
- update go.mod to use go 1.23 with toolchain go1.25.5
- add CLAUDE.md and .claude/ to .gitignore
 2026-01-02 17:13:16 -08:00
Celeste Hickenlooper
e2ac47d5ce Merge pull request #41 from vmfunc/dependabot/go_modules/go_modules-dd59f798d0 
build(deps): bump github.com/quic-go/quic-go from 0.42.0 to 0.48.2 in the go_modules group
 2026-01-02 17:11:27 -08:00
Celeste Hickenlooper
63c125ea1c fix: update go version check to support go 1.20+ 
the makefile was checking for go 1.23 specifically, which breaks builds
on newer go versions (1.24, 1.25, etc). this updates the regex to allow
any go version 1.20 or higher.
 2026-01-02 17:10:05 -08:00
Celeste J.
942a2409bc Merge pull request #43 from ag-wnl/agwnl/update-makefile-go 
Update Makefile to support latest version of Go
 2025-10-26 17:22:41 +01:00
celeste
bef84ce9e7 Update README.md automated-release-bef84ce 2025-04-18 16:41:37 +02:00
ag-wnl
16bf3f6ae3 chore: update to be compatible with all minor Go updates 2025-03-15 15:26:09 +05:30
ag-wnl
a9c4c1f8af chore: update makefile to latest go version 2025-03-15 15:19:54 +05:30
dependabot[bot]
f1430de4a0 build(deps): bump github.com/quic-go/quic-go in the go_modules group 
Bumps the go_modules group with 1 update: [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go).


Updates `github.com/quic-go/quic-go` from 0.42.0 to 0.48.2
- [Release notes](https://github.com/quic-go/quic-go/releases)
- [Changelog](https://github.com/quic-go/quic-go/blob/master/Changelog.md)
- [Commits](https://github.com/quic-go/quic-go/compare/v0.42.0...v0.48.2)

---
updated-dependencies:
- dependency-name: github.com/quic-go/quic-go
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-02 17:51:08 +00:00
vmfunc
a40b78c820 actions<breaking>: remove PR-specific actions 
(needs to be fixed)
 2024-11-22 03:28:17 -05:00
mel
9636888cd6 design: readme fixes automated-release-9636888 2024-11-14 09:09:35 +01:00
vmfunc
3d431bdcad design: update product banner automated-release-3d431bd 2024-11-14 06:53:41 +01:00
vmfunc
ef014dec87 design: update banner automated-release-ef014de 2024-11-14 06:51:54 +01:00
mel
24a9092c37 Merge pull request #38 from lunchcat/dependabot/go_modules/go_modules-403cefacee 
build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 in the go_modules group
 2024-11-05 00:36:18 +01:00
dependabot[bot]
8396c27e71 build(deps): bump github.com/golang-jwt/jwt/v4 in the go_modules group 
Bumps the go_modules group with 1 update: [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt).


Updates `github.com/golang-jwt/jwt/v4` from 4.5.0 to 4.5.1
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](https://github.com/golang-jwt/jwt/compare/v4.5.0...v4.5.1)

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v4
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-04 23:33:18 +00:00
vmfunc
057b997960 fix<dork>: properly process feature flag automated-release-057b997 2024-10-22 09:15:36 +02:00
vmfunc
85654f6aaf ci: various improvements to workflow automated-release-85654f6 2024-10-15 02:51:52 +02:00
vmfunc
aff6fea45d chore<format>: gofmt whitespace removal automated-release-aff6fea 2024-10-15 02:32:48 +02:00
vmfunc
ee77dd8f91 feat<sif>: log scan overview automated-release-ee77dd8 2024-10-15 00:14:59 +02:00
mel
5add3a7502 fix<contrib>: fix contributor file automated-release-5add3a7 2024-10-13 00:56:23 +02:00
mel
e9bd112e6e fix: replace modules with features automated-release-e9bd112 2024-10-13 00:49:12 +02:00
mel
3e5849d832 feat: improve readme automated-release-3e5849d 2024-10-13 00:44:50 +02:00
mel
d449e82805 Merge pull request #36 from lunchcat/all-contributors/add-projectdiscovery 
docs: add projectdiscovery as a contributor for platform
 2024-10-13 00:32:48 +02:00
mel
e4cc49b64b Merge branch 'main' into all-contributors/add-projectdiscovery 2024-10-13 00:32:41 +02:00
mel
ca3562812c Merge pull request #35 from lunchcat/all-contributors/add-macdoos 
docs: add macdoos as a contributor for code
 2024-10-13 00:31:55 +02:00
mel
c7655a320e Merge branch 'main' into all-contributors/add-macdoos 2024-10-13 00:31:50 +02:00
mel
a568362a37 Merge pull request #34 from lunchcat/all-contributors/add-D3adPlays 
docs: add D3adPlays as a contributor for ideas
 2024-10-13 00:31:10 +02:00
mel
ba4c919c00 Merge branch 'main' into all-contributors/add-D3adPlays 2024-10-13 00:31:04 +02:00
mel
67ad20565e Merge pull request #33 from lunchcat/all-contributors/add-tessa-u-k 
docs: add tessa-u-k as a contributor for infra, question, and userTesting
 2024-10-13 00:30:16 +02:00
mel
741b32224c Merge branch 'main' into all-contributors/add-tessa-u-k 2024-10-13 00:27:32 +02:00
mel
1d714df5e0 Merge pull request #32 from lunchcat/all-contributors/add-xyzeva 
docs: add xyzeva as a contributor for blog, content, and 4 more
 2024-10-13 00:25:45 +02:00
allcontributors[bot]
5035b32f00 docs: update .all-contributorsrc 2024-10-12 22:25:28 +00:00
allcontributors[bot]
42d3d05cf9 docs: update README.md 2024-10-12 22:25:27 +00:00
allcontributors[bot]
980952b427 docs: update .all-contributorsrc 2024-10-12 22:25:16 +00:00
allcontributors[bot]
097408f8b6 docs: update README.md 2024-10-12 22:25:15 +00:00
allcontributors[bot]
fb39a9695e docs: update .all-contributorsrc 2024-10-12 22:25:08 +00:00
allcontributors[bot]
d2c1bf5a27 docs: update README.md 2024-10-12 22:25:07 +00:00
allcontributors[bot]
ff2bb4a8c5 docs: update .all-contributorsrc 2024-10-12 22:24:49 +00:00