Compare commits

...

26 Commits

Author SHA1 Message Date
vmfunc b335a45a82 chore<format>: gofmt whitespace removal 2024-10-15 02:32:48 +02:00
vmfunc 1048a97355 feat<sif>: log scan overview 2024-10-15 00:14:59 +02:00
vmfunc cceb60a423 fix<contrib>: fix contributor file 2024-10-13 00:56:23 +02:00
vmfunc bf5fd7c566 fix: replace modules with features 2024-10-13 00:49:12 +02:00
vmfunc 16a73f274b feat: improve readme 2024-10-13 00:44:50 +02:00
vmfunc fcc0ba0ea4 Merge pull request #36 from lunchcat/all-contributors/add-projectdiscovery
docs: add projectdiscovery as a contributor for platform
2024-10-13 00:32:48 +02:00
vmfunc b619ed026a Merge branch 'main' into all-contributors/add-projectdiscovery 2024-10-13 00:32:41 +02:00
vmfunc 26b35c1cbc Merge pull request #35 from lunchcat/all-contributors/add-macdoos
docs: add macdoos as a contributor for code
2024-10-13 00:31:55 +02:00
vmfunc 4a51ddda95 Merge branch 'main' into all-contributors/add-macdoos 2024-10-13 00:31:50 +02:00
vmfunc 3eae11695d Merge pull request #34 from lunchcat/all-contributors/add-D3adPlays
docs: add D3adPlays as a contributor for ideas
2024-10-13 00:31:10 +02:00
vmfunc c29227d26b Merge branch 'main' into all-contributors/add-D3adPlays 2024-10-13 00:31:04 +02:00
vmfunc 0279ea9b0a Merge pull request #33 from lunchcat/all-contributors/add-tessa-u-k
docs: add tessa-u-k as a contributor for infra, question, and userTesting
2024-10-13 00:30:16 +02:00
vmfunc dfe8004544 Merge branch 'main' into all-contributors/add-tessa-u-k 2024-10-13 00:27:32 +02:00
vmfunc 2816887a7a Merge pull request #32 from lunchcat/all-contributors/add-xyzeva
docs: add xyzeva as a contributor for blog, content, and 4 more
2024-10-13 00:25:45 +02:00
allcontributors[bot] ae82c2066d docs: update .all-contributorsrc 2024-10-12 22:25:28 +00:00
allcontributors[bot] cebfe62bcf docs: update README.md 2024-10-12 22:25:27 +00:00
allcontributors[bot] a79ffd08d4 docs: update .all-contributorsrc 2024-10-12 22:25:16 +00:00
allcontributors[bot] 22fba38ff6 docs: update README.md 2024-10-12 22:25:15 +00:00
allcontributors[bot] dd28daf795 docs: update .all-contributorsrc 2024-10-12 22:25:08 +00:00
allcontributors[bot] 7c080e99a8 docs: update README.md 2024-10-12 22:25:07 +00:00
allcontributors[bot] 7c9ba8da80 docs: update .all-contributorsrc 2024-10-12 22:24:49 +00:00
allcontributors[bot] 814be003ad docs: update README.md 2024-10-12 22:24:48 +00:00
allcontributors[bot] 2a87a5790f docs: update .all-contributorsrc 2024-10-12 22:24:41 +00:00
allcontributors[bot] 8e76b40b53 docs: update README.md 2024-10-12 22:24:40 +00:00
vmfunc e3b87e5138 Merge pull request #31 from lunchcat/all-contributors/add-vmfunc
docs: add vmfunc as a contributor for maintenance, mentoring, and 8 more
2024-10-13 00:24:12 +02:00
vmfunc 3cd45523a3 Merge pull request #30 from lunchcat/all-contributors/add-vmfunc
docs: add vmfunc as a contributor for maintenance
2024-10-13 00:18:12 +02:00
25 changed files with 253 additions and 83 deletions
+51
View File
@@ -25,6 +25,57 @@
"financial",
"ideas"
]
},
{
"login": "projectdiscovery",
"name": "ProjectDiscovery",
"avatar_url": "https://avatars.githubusercontent.com/u/50994705?v=4",
"profile": "https://projectdiscovery.io",
"contributions": [
"platform"
]
},
{
"login": "macdoos",
"name": "macdoos",
"avatar_url": "https://avatars.githubusercontent.com/u/127897805?v=4",
"profile": "https://github.com/macdoos",
"contributions": [
]
},
{
"login": "D3adPlays",
"name": "Matthieu Witrowiez",
"avatar_url": "https://avatars.githubusercontent.com/u/75166283?v=4",
"profile": "https://epitech.eu",
"contributions": [
"ideas"
]
},
{
"login": "tessa-u-k",
"name": "tessa ",
"avatar_url": "https://avatars.githubusercontent.com/u/109355732?v=4",
"profile": "https://github.com/tessa-u-k",
"contributions": [
"infra",
"question",
"userTesting"
]
},
{
"login": "xyzeva",
"name": "Eva",
"avatar_url": "https://avatars.githubusercontent.com/u/133499694?v=4",
"profile": "https://github.com/xyzeva",
"contributions": [
"blog",
"content",
"research",
"security",
"test",
"code"
]
}
]
}
+119 -14
View File
@@ -1,12 +1,6 @@
<pre align="center">
_____________
__________(_)__ __/
__ ___/_ /__ /_
_(__ )_ / _ __/
/____/ /_/ /_/
</pre>
<h4 align="center">a blazing-fast pentesting (recon/exploitation) suite written in Go 🐾</h4>
<div align="center">
<img src="https://github.com/lunchcat/sif/blob/main/assets/banner.png?raw=true">
</div>
<div align="center">
@@ -18,7 +12,20 @@ _(__ )_ / _ __/
</div>
## Features
## 📖 Table of Contents
- [Modules](#-modules)
- [Installation](#-installation)
- [Quick Start](#-quick-start)
- [Usage](#-usage)
- [Performance](#-performance)
- [Contributing](#-contributing)
- [Contributors](#-contributors)
- [Acknowledgements](#-acknowledgements)
## 🧩 Modules
sif is built with a modular architecture, allowing for easy extension and customization. Some of our key modules include:
- 📂 Directory/file fuzzing/scanning
- 📡 DNS subdomain enumeration
@@ -34,7 +41,89 @@ _(__ )_ / _ __/
- ☁️ C3 Misconfiguration Scanner
- 🔍 Subdomain Takeover Checks
## Contributors
## 📦 Installation
### Using pre-built binaries
Visit our [Releases](https://github.com/dropalldatabases/sif/releases) page to download the latest pre-built binary for your operating system.
### Building from source
1. Ensure you have Go 1.23+ installed on your system.
2. Clone the repository:
```
git clone https://github.com/lunchcat/sif.git
cd sif
```
3. Build using the Makefile:
```
make
```
4. The binary will be available in the root directory.
## 🚀 Quick Start
1. Run a basic scan:
```
./sif -u example.com
```
2. For more options and advanced usage, refer to the help command:
```
./sif -h
```
## 🛠 Usage
sif offers a wide range of commands and options to customize your pentesting workflow. Here are some common usage examples:
- Directory fuzzing
```
./sif -u http://example.com -dirlist medium
```
- Subdomain enumeration
```
./sif -u http://example.com -dnslist medium
```
- Supabase/Firebase and C3 Vulnerability scanning
```
./sif -u https://example.com -js -c3
```
- Port scanning
```
./sif -u https://example.com -ports common
```
For a complete list of commands and options, run `./sif -h`.
## ⚡ Performance
sif is designed for high performance and efficiency:
- Written in Go for excellent concurrency and speed
- Optimized algorithms for minimal resource usage
- Supports multi-threading for faster scans
- Efficient caching mechanisms to reduce redundant operations
## 🤝 Contributing
We welcome contributions from the community! Please read our [Contributing Guidelines](CONTRIBUTING.md) before submitting a pull request.
Areas we're particularly interested in:
- New scanning modules
- Performance improvements
- Documentation enhancements
- Bug fixes and error handling improvements
## 🌟 Contributors
Thanks to these wonderful people who have contributed to sif:
<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
<!-- prettier-ignore-start -->
@@ -43,6 +132,11 @@ _(__ )_ / _ __/
<tbody>
<tr>
<td align="center" valign="top" width="14.28%"><a href="https://vmfunc.re"><img src="https://avatars.githubusercontent.com/u/59031302?v=4?s=100" width="100px;" alt="mel"/><br /><sub><b>mel</b></sub></a><br /><a href="#maintenance-vmfunc" title="Maintenance">🚧</a> <a href="#mentoring-vmfunc" title="Mentoring">🧑‍🏫</a> <a href="#projectManagement-vmfunc" title="Project Management">📆</a> <a href="#security-vmfunc" title="Security">🛡️</a> <a href="#test-vmfunc" title="Tests">⚠️</a> <a href="#business-vmfunc" title="Business development">💼</a> <a href="#code-vmfunc" title="Code">💻</a> <a href="#design-vmfunc" title="Design">🎨</a> <a href="#financial-vmfunc" title="Financial">💵</a> <a href="#ideas-vmfunc" title="Ideas, Planning, & Feedback">🤔</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://projectdiscovery.io"><img src="https://avatars.githubusercontent.com/u/50994705?v=4?s=100" width="100px;" alt="ProjectDiscovery"/><br /><sub><b>ProjectDiscovery</b></sub></a><br /><a href="#platform-projectdiscovery" title="Packaging/porting to new platform">📦</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/macdoos"><img src="https://avatars.githubusercontent.com/u/127897805?v=4?s=100" width="100px;" alt="macdoos"/><br /><sub><b>macdoos</b></sub></a><br /><a href="#code-macdoos" title="Code">💻</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://epitech.eu"><img src="https://avatars.githubusercontent.com/u/75166283?v=4?s=100" width="100px;" alt="Matthieu Witrowiez"/><br /><sub><b>Matthieu Witrowiez</b></sub></a><br /><a href="#ideas-D3adPlays" title="Ideas, Planning, & Feedback">🤔</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/tessa-u-k"><img src="https://avatars.githubusercontent.com/u/109355732?v=4?s=100" width="100px;" alt="tessa "/><br /><sub><b>tessa </b></sub></a><br /><a href="#infra-tessa-u-k" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#question-tessa-u-k" title="Answering Questions">💬</a> <a href="#userTesting-tessa-u-k" title="User Testing">📓</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/xyzeva"><img src="https://avatars.githubusercontent.com/u/133499694?v=4?s=100" width="100px;" alt="Eva"/><br /><sub><b>Eva</b></sub></a><br /><a href="#blog-xyzeva" title="Blogposts">📝</a> <a href="#content-xyzeva" title="Content">🖋</a> <a href="#research-xyzeva" title="Research">🔬</a> <a href="#security-xyzeva" title="Security">🛡️</a> <a href="#test-xyzeva" title="Tests">⚠️</a> <a href="#code-xyzeva" title="Code">💻</a></td>
</tr>
</tbody>
</table>
@@ -52,8 +146,19 @@ _(__ )_ / _ __/
<!-- ALL-CONTRIBUTORS-LIST:END -->
## Contributing and support
## 🙏 Acknowledgements
Please join [our Discord server](https://discord.gg/uzQv4YbJ8W) to discuss sif development and to ask questions. Feel free to open an issue on GitHub requesting an addition to sif or asking for help with an issue.
We'd like to thank the following projects and communities for their inspiration and support:
Contributions are welcome! Make sure to read `CONTRIBUTING.md` before submitting a pull request.
- [ProjectDiscovery](https://projectdiscovery.io/) for their amazing open-source security tools
- [Shodan](https://www.shodan.io/)
- [Malcore](https://www.malcore.io/), for providing us direct API support at Lunchcat.
---
<div align="center">
<strong>Happy Hunting! 🐾</strong>
<p>
<sub>Built with ❤️ by the lunchcat team and contributors worldwide</sub>
</p>
</div>
+1 -1
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
+1 -1
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
+1 -1
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
+4 -4
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
@@ -66,13 +66,13 @@ var (
// Severity level styles for color-coding vulnerability severities
var (
SeverityLow = lipgloss.NewStyle().
SeverityLow = lipgloss.NewStyle().
Foreground(lipgloss.Color("#00ff00"))
SeverityMedium = lipgloss.NewStyle().
SeverityMedium = lipgloss.NewStyle().
Foreground(lipgloss.Color("#ffff00"))
SeverityHigh = lipgloss.NewStyle().
SeverityHigh = lipgloss.NewStyle().
Foreground(lipgloss.Color("#ff8800"))
SeverityCritical = lipgloss.NewStyle().
+21 -21
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
@@ -32,26 +32,26 @@ import (
)
type Settings struct {
Dirlist string
Dnslist string
Debug bool
LogDir string
NoScan bool
Ports string
Dorking bool
Git bool
Whois bool
Threads int
Nuclei bool
JavaScript bool
Timeout time.Duration
URLs goflags.StringSlice
File string
ApiMode bool
Template string
CMS bool
Headers bool
CloudStorage bool
Dirlist string
Dnslist string
Debug bool
LogDir string
NoScan bool
Ports string
Dorking bool
Git bool
Whois bool
Threads int
Nuclei bool
JavaScript bool
Timeout time.Duration
URLs goflags.StringSlice
File string
ApiMode bool
Template string
CMS bool
Headers bool
CloudStorage bool
SubdomainTakeover bool
}
+1 -1
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
+5 -6
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
@@ -27,9 +27,9 @@ package scan
import (
"fmt"
"net/http"
"os"
"strings"
"time"
"os"
"github.com/charmbracelet/log"
"github.com/dropalldatabases/sif/internal/styles"
@@ -92,7 +92,7 @@ func CloudStorage(url string, timeout time.Duration, logdir string) ([]CloudStor
}
func extractPotentialBuckets(url string) []string {
// This is a simple implementation.
// This is a simple implementation.
// TODO: add more cases
parts := strings.Split(url, ".")
var buckets []string
@@ -100,11 +100,11 @@ func extractPotentialBuckets(url string) []string {
buckets = append(buckets, part)
buckets = append(buckets, part+"-s3")
buckets = append(buckets, "s3-"+part)
if i < len(parts)-1 {
domainExtension := part + "-" + parts[i+1]
buckets = append(buckets, domainExtension)
buckets = append(buckets, parts[i+1] + "-" + part)
buckets = append(buckets, parts[i+1]+"-"+part)
}
}
return buckets
@@ -121,4 +121,3 @@ func checkS3Bucket(bucket string, client *http.Client) (bool, error) {
// If we can access the bucket listing, it's public
return resp.StatusCode == http.StatusOK, nil
}
+2 -3
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
@@ -28,9 +28,9 @@ import (
"fmt"
"io"
"net/http"
"os"
"strings"
"time"
"os"
"github.com/charmbracelet/log"
"github.com/dropalldatabases/sif/internal/styles"
@@ -57,7 +57,6 @@ func CMS(url string, timeout time.Duration, logdir string) (*CMSResult, error) {
cmslog := log.NewWithOptions(os.Stderr, log.Options{
Prefix: "CMS 🔍",
}).With("url", url)
client := &http.Client{
Timeout: timeout,
+1 -1
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
+1 -1
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
+2 -2
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
@@ -132,4 +132,4 @@ func Dork(url string, timeout time.Duration, threads int, logdir string) ([]Dork
wg.Wait()
return dorkResults, nil
}
}
+1 -1
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
+2 -3
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
@@ -27,9 +27,9 @@ package scan
import (
"fmt"
"net/http"
"os"
"strings"
"time"
"os"
"github.com/charmbracelet/log"
"github.com/dropalldatabases/sif/internal/styles"
@@ -81,4 +81,3 @@ func Headers(url string, timeout time.Duration, logdir string) ([]HeaderResult,
return results, nil
}
+1 -2
View File
@@ -17,12 +17,11 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
/*
What we are doing is abusing a internal file in Next.js pages router called
_buildManifest.js which lists all routes and script files ever referenced in
+1 -1
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
+1 -1
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
+1 -1
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
+1 -1
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
+1 -2
View File
@@ -17,12 +17,11 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
// The scan package provides a collection of security scanning functions.
//
// Each scanning function typically returns a slice of custom result structures and an error.
+10 -10
View File
@@ -2,24 +2,24 @@ package scan
import (
"fmt"
"io"
"net"
"net/http"
"strings"
"time"
"os"
"sync"
"github.com/charmbracelet/log"
"github.com/dropalldatabases/sif/internal/styles"
"github.com/dropalldatabases/sif/pkg/logger"
"io"
"net"
"net/http"
"os"
"strings"
"sync"
"time"
)
// SubdomainTakeoverResult represents the outcome of a subdomain takeover vulnerability check.
// It includes the subdomain tested, whether it's vulnerable, and the potentially vulnerable service.
type SubdomainTakeoverResult struct {
Subdomain string `json:"subdomain"`
Vulnerable bool `json:"vulnerable"`
Service string `json:"service,omitempty"`
Subdomain string `json:"subdomain"`
Vulnerable bool `json:"vulnerable"`
Service string `json:"service,omitempty"`
}
// SubdomainTakeover checks for potential subdomain takeover vulnerabilities.
+1 -1
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
+1 -1
View File
@@ -17,7 +17,7 @@
║ research or educational purposes must purchase a license ║
║ from https://lunchcat.dev ║
║ ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ For more information, visit: https://github.com/lunchcat/sif ║
║ ║
╚══════════════════════════════════════════════════════════════════════════════╝
*/
+22 -3
View File
@@ -91,6 +91,8 @@ func (app *App) Run() error {
}
}
scansRun := []string{}
for _, url := range app.targets {
if !strings.Contains(url, "://") {
return errors.New(fmt.Sprintf("URL %s must include leading protocol", url))
@@ -108,6 +110,7 @@ func (app *App) Run() error {
if !app.settings.NoScan {
scan.Scan(url, app.settings.Timeout, app.settings.Threads, app.settings.LogDir)
scansRun = append(scansRun, "Basic Scan")
}
if app.settings.Dirlist != "none" {
@@ -116,6 +119,7 @@ func (app *App) Run() error {
log.Errorf("Error while running directory scan: %s", err)
} else {
moduleResults = append(moduleResults, ModuleResult{"dirlist", result})
scansRun = append(scansRun, "Directory Listing")
}
}
@@ -128,6 +132,7 @@ func (app *App) Run() error {
} else {
moduleResults = append(moduleResults, ModuleResult{"dnslist", result})
dnsResults = result // Store the DNS results
scansRun = append(scansRun, "DNS Scan")
}
// Only run subdomain takeover check if DNS scan is enabled
@@ -137,6 +142,7 @@ func (app *App) Run() error {
log.Errorf("Error while running Subdomain Takeover Vulnerability Check: %s", err)
} else {
moduleResults = append(moduleResults, ModuleResult{"subdomain_takeover", result})
scansRun = append(scansRun, "Subdomain Takeover")
}
}
} else if app.settings.SubdomainTakeover {
@@ -149,11 +155,13 @@ func (app *App) Run() error {
log.Errorf("Error while running port scan: %s", err)
} else {
moduleResults = append(moduleResults, ModuleResult{"portscan", result})
scansRun = append(scansRun, "Port Scan")
}
}
if app.settings.Whois {
scan.Whois(url, app.settings.LogDir)
scansRun = append(scansRun, "Whois")
}
// func Git(url string, timeout time.Duration, threads int, logdir string)
@@ -163,6 +171,7 @@ func (app *App) Run() error {
log.Errorf("Error while running Git module: %s", err)
} else {
moduleResults = append(moduleResults, ModuleResult{"git", result})
scansRun = append(scansRun, "Git")
}
}
@@ -172,6 +181,7 @@ func (app *App) Run() error {
log.Errorf("Error while running Nuclei module: %s", err)
} else {
moduleResults = append(moduleResults, ModuleResult{"nuclei", result})
scansRun = append(scansRun, "Nuclei")
}
}
@@ -181,6 +191,7 @@ func (app *App) Run() error {
log.Errorf("Error while running JS module: %s", err)
} else {
moduleResults = append(moduleResults, ModuleResult{"js", result})
scansRun = append(scansRun, "JS")
}
}
@@ -188,6 +199,7 @@ func (app *App) Run() error {
result, err := scan.CMS(url, app.settings.Timeout, app.settings.LogDir)
if err != nil {
log.Errorf("Error while running CMS detection: %s", err)
scansRun = append(scansRun, "CMS")
} else if result != nil {
moduleResults = append(moduleResults, ModuleResult{"cms", result})
}
@@ -199,6 +211,7 @@ func (app *App) Run() error {
log.Errorf("Error while running HTTP Header Analysis: %s", err)
} else {
moduleResults = append(moduleResults, ModuleResult{"headers", result})
scansRun = append(scansRun, "HTTP Headers")
}
}
@@ -208,6 +221,7 @@ func (app *App) Run() error {
log.Errorf("Error while running C3 Scan: %s", err)
} else {
moduleResults = append(moduleResults, ModuleResult{"cloudstorage", result})
scansRun = append(scansRun, "Cloud Storage")
}
}
@@ -218,6 +232,7 @@ func (app *App) Run() error {
log.Errorf("Error while running Subdomain Takeover Vulnerability Check: %s", err)
} else {
moduleResults = append(moduleResults, ModuleResult{"subdomain_takeover", result})
scansRun = append(scansRun, "Subdomain Takeover")
}
}
@@ -236,12 +251,16 @@ func (app *App) Run() error {
}
if !app.settings.ApiMode {
scansRunList := " • " + strings.Join(scansRun, "\n • ")
if app.settings.LogDir != "" {
fmt.Println(styles.Box.Render(fmt.Sprintf("🌿 All scans completed!\n📂 Output saved to files: %s\n", strings.Join(app.logFiles, ", "))))
fmt.Println(styles.Box.Render(fmt.Sprintf("🌿 All scans completed!\n📂 Output saved to files: %s\n\n🔍 Ran scans:\n%s",
strings.Join(app.logFiles, ", "),
scansRunList)))
} else {
fmt.Println(styles.Box.Render(fmt.Sprintf("🌿 All scans completed!\n")))
fmt.Println(styles.Box.Render(fmt.Sprintf("🌿 All scans completed!\n\n🔍 Ran scans:\n%s",
scansRunList)))
}
}
return nil
}
}