Compare commits
53 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| bf5fd7c566 | |||
| 16a73f274b | |||
| fcc0ba0ea4 | |||
| b619ed026a | |||
| 26b35c1cbc | |||
| 4a51ddda95 | |||
| 3eae11695d | |||
| c29227d26b | |||
| 0279ea9b0a | |||
| dfe8004544 | |||
| 2816887a7a | |||
| ae82c2066d | |||
| cebfe62bcf | |||
| a79ffd08d4 | |||
| 22fba38ff6 | |||
| dd28daf795 | |||
| 7c080e99a8 | |||
| 7c9ba8da80 | |||
| 814be003ad | |||
| 2a87a5790f | |||
| 8e76b40b53 | |||
| e3b87e5138 | |||
| 2ef4392e28 | |||
| bcb9482f00 | |||
| 3cd45523a3 | |||
| bd74efcc5c | |||
| 8effe8a297 | |||
| cb7abc230e | |||
| 60ee32155a | |||
| 3bc8018b26 | |||
| 4eebe0e386 | |||
| ea21e2188f | |||
| b262c82180 | |||
| ee0d258901 | |||
| 093b290a0d | |||
| 4441b113e6 | |||
| ec48a8a462 | |||
| 100d385b3c | |||
| 109d8efd41 | |||
| 267aa6e177 | |||
| a2f2a51701 | |||
| 56516e28e2 | |||
| 7be0c04c7d | |||
| a4dbb21e96 | |||
| 887363cb16 | |||
| 65243f46e3 | |||
| 5b63515650 | |||
| d8ac81cb96 | |||
| 592ea1e14f | |||
| 7fae5b1c55 | |||
| 18daaf61f9 | |||
| 17aff81ee1 | |||
| 5b166ba474 |
@@ -0,0 +1,80 @@
|
||||
{
|
||||
"projectName": "sif",
|
||||
"projectOwner": "lunchcat",
|
||||
"files": [
|
||||
"README.md"
|
||||
],
|
||||
"commitType": "docs",
|
||||
"commitConvention": "angular",
|
||||
"contributorsPerLine": 7,
|
||||
"contributors": [
|
||||
{
|
||||
"login": "vmfunc",
|
||||
"name": "mel",
|
||||
"avatar_url": "https://avatars.githubusercontent.com/u/59031302?v=4",
|
||||
"profile": "https://vmfunc.re",
|
||||
"contributions": [
|
||||
"maintenance",
|
||||
"mentoring",
|
||||
"projectManagement",
|
||||
"security",
|
||||
"test",
|
||||
"business",
|
||||
"code",
|
||||
"design",
|
||||
"financial",
|
||||
"ideas"
|
||||
]
|
||||
},
|
||||
{
|
||||
"login": "projectdiscovery",
|
||||
"name": "ProjectDiscovery",
|
||||
"avatar_url": "https://avatars.githubusercontent.com/u/50994705?v=4",
|
||||
"profile": "https://projectdiscovery.io",
|
||||
"contributions": [
|
||||
"platform"
|
||||
]
|
||||
},
|
||||
{
|
||||
"login": "macdoos",
|
||||
"name": "macdoos",
|
||||
"avatar_url": "https://avatars.githubusercontent.com/u/127897805?v=4",
|
||||
"profile": "https://github.com/macdoos",
|
||||
"contributions": [
|
||||
]
|
||||
},
|
||||
{
|
||||
"login": "D3adPlays",
|
||||
"name": "Matthieu Witrowiez",
|
||||
"avatar_url": "https://avatars.githubusercontent.com/u/75166283?v=4",
|
||||
"profile": "https://epitech.eu",
|
||||
"contributions": [
|
||||
"ideas"
|
||||
]
|
||||
},
|
||||
"login": "tessa-u-k",
|
||||
"name": "tessa ",
|
||||
"avatar_url": "https://avatars.githubusercontent.com/u/109355732?v=4",
|
||||
"profile": "https://github.com/tessa-u-k",
|
||||
"contributions": [
|
||||
"infra",
|
||||
"question",
|
||||
"userTesting"
|
||||
]
|
||||
},
|
||||
{
|
||||
"login": "xyzeva",
|
||||
"name": "Eva",
|
||||
"avatar_url": "https://avatars.githubusercontent.com/u/133499694?v=4",
|
||||
"profile": "https://github.com/xyzeva",
|
||||
"contributions": [
|
||||
"blog",
|
||||
"content",
|
||||
"research",
|
||||
"security",
|
||||
"test",
|
||||
"code"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
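Review bot: The fifth entry of `contributors` (the `"login": "tessa-u-k"` block) has no opening `{` after the preceding `},`, so as rendered here the file is not valid JSON and the all-contributors tooling would likely fail to parse it. Add a `{` line before `"login": "tessa-u-k",`. The `macdoos` entry also has an empty `contributions` array, while the README table in this same comparison credits that login with `code`; `"contributions": ["code"]` would keep the two in sync.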
@@ -1,17 +1,17 @@
|
||||
name: Go
|
||||
on:
|
||||
push:
|
||||
branches: [ "main" ]
|
||||
branches: ["main"]
|
||||
pull_request:
|
||||
branches: [ "main" ]
|
||||
branches: ["main"]
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v4
|
||||
with:
|
||||
go-version: '1.21'
|
||||
- name: Build
|
||||
run: make
|
||||
- uses: actions/checkout@v3
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v4
|
||||
with:
|
||||
go-version: "1.23"
|
||||
- name: Build
|
||||
run: make
|
||||
|
||||
@@ -0,0 +1,156 @@
|
||||
name: Release
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
packages: write
|
||||
|
||||
jobs:
|
||||
test:
|
||||
uses: ./.github/workflows/runtest.yml
|
||||
|
||||
build-and-release:
|
||||
needs: test
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: write
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v4
|
||||
with:
|
||||
go-version: "1.23"
|
||||
|
||||
- name: Build for Windows
|
||||
run: |
|
||||
GOOS=windows GOARCH=amd64 go build -o sif-windows-amd64.exe ./cmd/sif
|
||||
GOOS=windows GOARCH=386 go build -o sif-windows-386.exe ./cmd/sif
|
||||
|
||||
- name: Build for macOS
|
||||
run: |
|
||||
GOOS=darwin GOARCH=amd64 go build -o sif-macos-amd64 ./cmd/sif
|
||||
GOOS=darwin GOARCH=arm64 go build -o sif-macos-arm64 ./cmd/sif
|
||||
|
||||
- name: Build for Linux
|
||||
run: |
|
||||
GOOS=linux GOARCH=amd64 go build -o sif-linux-amd64 ./cmd/sif
|
||||
GOOS=linux GOARCH=386 go build -o sif-linux-386 ./cmd/sif
|
||||
GOOS=linux GOARCH=arm64 go build -o sif-linux-arm64 ./cmd/sif
|
||||
|
||||
- name: Set release version
|
||||
run: echo "RELEASE_VERSION=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
|
||||
|
||||
- name: Get commit info
|
||||
run: |
|
||||
echo "COMMIT_MESSAGE=$(git log -1 --pretty=%B)" >> $GITHUB_ENV
|
||||
echo "COMMIT_AUTHOR=$(git log -1 --pretty=%an)" >> $GITHUB_ENV
|
||||
echo "COMMIT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
|
||||
|
||||
- name: Create Release
|
||||
id: create_release
|
||||
uses: actions/create-release@v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
tag_name: automated-release-${{ env.RELEASE_VERSION }}
|
||||
release_name: Release ${{ env.RELEASE_VERSION }}
|
||||
body: |
|
||||
🚀 sif automated release v${{ env.RELEASE_VERSION }}
|
||||
|
||||
This is an automated release pushed by the release workflow.
|
||||
|
||||
## Commit Information
|
||||
- **Message:** ${{ env.COMMIT_MESSAGE }}
|
||||
- **Author:** ${{ env.COMMIT_AUTHOR }}
|
||||
- **SHA:** ${{ env.COMMIT_SHA }}
|
||||
|
||||
## Build Information
|
||||
- Built on: ${{ runner.os }}
|
||||
|
||||
## Assets
|
||||
- Windows (64-bit): `sif-windows-amd64.exe`
|
||||
- Windows (32-bit): `sif-windows-386.exe`
|
||||
- macOS (64-bit Intel): `sif-macos-amd64`
|
||||
- macOS (64-bit ARM): `sif-macos-arm64`
|
||||
- Linux (64-bit): `sif-linux-amd64`
|
||||
- Linux (32-bit): `sif-linux-386`
|
||||
- Linux (64-bit ARM): `sif-linux-arm64`
|
||||
|
||||
For more details, please check the [commit history](https://github.com/${{ github.repository }}/commits/main).
|
||||
|
||||
@${{ env.COMMIT_AUTHOR }}, your changes have been included in this release.
|
||||
draft: false
|
||||
prerelease: false
|
||||
|
||||
- name: Upload Windows Release Asset
|
||||
uses: actions/upload-release-asset@v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
upload_url: ${{ steps.create_release.outputs.upload_url }}
|
||||
asset_path: ./sif-windows-amd64.exe
|
||||
asset_name: sif-windows-amd64.exe
|
||||
asset_content_type: application/octet-stream
|
||||
|
||||
- name: Upload Windows (32-bit) Release Asset
|
||||
uses: actions/upload-release-asset@v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
upload_url: ${{ steps.create_release.outputs.upload_url }}
|
||||
asset_path: ./sif-windows-386.exe
|
||||
asset_name: sif-windows-386.exe
|
||||
asset_content_type: application/octet-stream
|
||||
|
||||
- name: Upload macOS Release Asset
|
||||
uses: actions/upload-release-asset@v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
upload_url: ${{ steps.create_release.outputs.upload_url }}
|
||||
asset_path: ./sif-macos-amd64
|
||||
asset_name: sif-macos-amd64
|
||||
asset_content_type: application/octet-stream
|
||||
|
||||
- name: Upload macOS (ARM64) Release Asset
|
||||
uses: actions/upload-release-asset@v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
upload_url: ${{ steps.create_release.outputs.upload_url }}
|
||||
asset_path: ./sif-macos-arm64
|
||||
asset_name: sif-macos-arm64
|
||||
asset_content_type: application/octet-stream
|
||||
|
||||
- name: Upload Linux Release Asset
|
||||
uses: actions/upload-release-asset@v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
upload_url: ${{ steps.create_release.outputs.upload_url }}
|
||||
asset_path: ./sif-linux-amd64
|
||||
asset_name: sif-linux-amd64
|
||||
asset_content_type: application/octet-stream
|
||||
|
||||
- name: Upload Linux (32-bit) Release Asset
|
||||
uses: actions/upload-release-asset@v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
upload_url: ${{ steps.create_release.outputs.upload_url }}
|
||||
asset_path: ./sif-linux-386
|
||||
asset_name: sif-linux-386
|
||||
asset_content_type: application/octet-stream
|
||||
|
||||
- name: Upload Linux (ARM64) Release Asset
|
||||
uses: actions/upload-release-asset@v1
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
upload_url: ${{ steps.create_release.outputs.upload_url }}
|
||||
asset_path: ./sif-linux-arm64
|
||||
asset_name: sif-linux-arm64
|
||||
asset_content_type: application/octet-stream
|
||||
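Review bot: The `Get commit info` step writes `git log -1 --pretty=%B` straight into `$GITHUB_ENV`, and `%B` is the full multi-line commit message, so a message with more than one line either breaks the environment-file parsing or sets extra variables for every later step of a job that holds `contents: write`. Keep the value to a single line, e.g. `echo "COMMIT_MESSAGE=$(git log -1 --pretty=%s)" >> "$GITHUB_ENV"`, or use the environment file's multi-line delimiter form with a randomly generated delimiter. The workflow-level `packages: write` grant is not used by any step shown and can be dropped. `actions/checkout@v3`, `actions/setup-go@v4`, `actions/create-release@v1` and `actions/upload-release-asset@v1` are referenced by mutable tag; pinning each to a full commit SHA is the safer default for a workflow that publishes binaries on every push to `main`.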
@@ -0,0 +1,29 @@
|
||||
name: Functional Test
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
pull_request:
|
||||
branches: [main]
|
||||
workflow_call:
|
||||
|
||||
jobs:
|
||||
build-and-test:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v4
|
||||
with:
|
||||
go-version: "1.23"
|
||||
- name: Build Sif
|
||||
run: make
|
||||
- name: Run Sif with features
|
||||
run: |
|
||||
./sif -u https://google.com -dnslist small -dirlist small -dork -git -whois -cms
|
||||
if [ $? -eq 0 ]; then
|
||||
echo "Sif ran successfully"
|
||||
else
|
||||
echo "Sif exited with an error"
|
||||
exit 1
|
||||
fi
|
||||
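Review bot: The `Run Sif with features` step points directory fuzzing, subdomain enumeration and dorking at `https://google.com` on every push and pull request, which is active scanning of a host the project does not control and ties the job's result to a third party's rate limiting. Point `-u` at a target the project owns or at a fixture server started inside the job. The `if [ $? -eq 0 ]` block is also redundant: under the runner's default shell options the step already fails as soon as `./sif` exits non-zero, so the `else` branch is never reached and the command line alone is enough.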
@@ -1,3 +1,6 @@
|
||||
# Copyright (c) 2024 vmfunc, xyzeva, lunchcat, and contributors
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
.POSIX:
|
||||
.SUFFIXES:
|
||||
|
||||
@@ -7,19 +10,82 @@ GOFLAGS ?=
|
||||
PREFIX ?= /usr/local
|
||||
BINDIR ?= bin
|
||||
|
||||
all: sif
|
||||
define COPYRIGHT_ASCII
|
||||
╭────────────────────────────────────────────────────────────╮
|
||||
│ _____________ │
|
||||
│ __________(_)__ __/ │
|
||||
│ __ ___/_ /__ /_ │
|
||||
│ _(__ )_ / _ __/ │
|
||||
│ /____/ /_/ /_/ │
|
||||
│ │
|
||||
╰────────────────────────────────────────────────────────────╯
|
||||
Copyright (c) 2024 vmfunc, xyzeva, lunchcat, and contributors
|
||||
|
||||
sif:
|
||||
$(GO) build $(GOFLAGS) ./cmd/sif
|
||||
|
||||
endef
|
||||
export COPYRIGHT_ASCII
|
||||
|
||||
define SUPPORT_MESSAGE
|
||||
|
||||
|
||||
╭────────────────────────────────────────────────────────────╮
|
||||
│ │
|
||||
│ 🌟 Enjoying sif? Please consider: │
|
||||
│ │
|
||||
│ • Starring our repo: https://github.com/lunchcat/sif │
|
||||
│ • Supporting the devs: https://lunchcat.dev │
|
||||
│ │
|
||||
│ Your support helps us continue improving sif! │
|
||||
│ │
|
||||
╰────────────────────────────────────────────────────────────╯
|
||||
endef
|
||||
export SUPPORT_MESSAGE
|
||||
|
||||
all: check_go_version sif
|
||||
@echo "✅ All tasks completed successfully! 🎉"
|
||||
@echo "$$SUPPORT_MESSAGE"
|
||||
|
||||
check_go_version:
|
||||
@echo "$$COPYRIGHT_ASCII"
|
||||
@echo "🔍 Checking Go version..."
|
||||
@$(GO) version | grep -q "go1\.23\." || (echo "❌ Error: Please install the latest version of Go" && exit 1)
|
||||
@echo "✅ Go version check passed!"
|
||||
|
||||
sif: check_go_version
|
||||
@echo "🛠️ Building sif..."
|
||||
@echo "📁 Current directory: $$(pwd)"
|
||||
@echo "🔧 Go flags: $(GOFLAGS)"
|
||||
@echo "📦 Building package: ./cmd/sif"
|
||||
$(GO) build -v $(GOFLAGS) ./cmd/sif
|
||||
@echo "📊 Build info:"
|
||||
@$(GO) version -m sif
|
||||
@echo "✅ sif built successfully! 🚀"
|
||||
|
||||
clean:
|
||||
$(RM) -rf sif
|
||||
@echo "$$COPYRIGHT_ASCII"
|
||||
@echo "🧹 Cleaning up..."
|
||||
@$(RM) -rf sif
|
||||
@echo "✨ Cleanup complete!"
|
||||
|
||||
install:
|
||||
mkdir -p $(DESTDIR)$(PREFIX)/$(BINDIR)
|
||||
cp -f sif $(DESTDIR)$(PREFIX)/$(BINDIR)
|
||||
install: check_go_version
|
||||
@echo "$$COPYRIGHT_ASCII"
|
||||
@echo "📦 Installing sif..."
|
||||
@if [ "$$(uname)" != "Linux" ] && [ "$$(uname)" != "Darwin" ]; then \
|
||||
echo "❌ Error: This installation script is for UNIX systems only."; \
|
||||
exit 1; \
|
||||
fi
|
||||
@mkdir -p $(DESTDIR)$(PREFIX)/$(BINDIR) || (echo "🔒 Permission denied. Trying with sudo..." && sudo mkdir -p $(DESTDIR)$(PREFIX)/$(BINDIR))
|
||||
@cp -f sif $(DESTDIR)$(PREFIX)/$(BINDIR) || (echo "🔒 Permission denied. Trying with sudo..." && sudo cp -f sif $(DESTDIR)$(PREFIX)/$(BINDIR))
|
||||
@echo "✅ sif installed successfully! 🎊"
|
||||
|
||||
uninstall:
|
||||
$(RM) $(DESTDIR)$(PREFIX)/$(BINDIR)/sif
|
||||
@echo "$$COPYRIGHT_ASCII"
|
||||
@echo "🗑️ Uninstalling sif..."
|
||||
@if [ "$$(uname)" != "Linux" ] && [ "$$(uname)" != "Darwin" ]; then \
|
||||
echo "❌ Error: This uninstallation script is for UNIX systems only."; \
|
||||
exit 1; \
|
||||
fi
|
||||
@$(RM) $(DESTDIR)$(PREFIX)/$(BINDIR)/sif || (echo "🔒 Permission denied. Trying with sudo..." && sudo $(RM) $(DESTDIR)$(PREFIX)/$(BINDIR)/sif)
|
||||
@echo "✅ sif uninstalled successfully!"
|
||||
|
||||
.PHONY: all sif clean install uninstall
|
||||
.PHONY: all check_go_version sif clean install uninstall
|
||||
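Review bot: The `install` and `uninstall` recipes retry under `sudo` whenever `mkdir`, `cp` or `$(RM)` fails for any reason, not only on a permission error, so a plain `make install` can escalate to root on its own and copy whatever `sif` file sits in the working directory into `$(PREFIX)`; a staged install with `DESTDIR` should never invoke `sudo` either. Drop the fallback and let the caller choose privileges: `@mkdir -p "$(DESTDIR)$(PREFIX)/$(BINDIR)"` and `@cp -f sif "$(DESTDIR)$(PREFIX)/$(BINDIR)"`, run as `sudo make install` when needed. `install` depends on `check_go_version` but not on `sif`, so it does not ensure the binary was built first. The gate `grep -q "go1\.23\."` also rejects every newer Go release even though its error message asks for the latest version.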
@@ -1,22 +1,32 @@
|
||||
<pre align="center">
|
||||
_____________
|
||||
__________(_)__ __/
|
||||
__ ___/_ /__ /_
|
||||
_(__ )_ / _ __/
|
||||
/____/ /_/ /_/
|
||||
</pre>
|
||||
|
||||
<h4 align="center">a blazing-fast pentesting (recon/exploitation) suite written in Go 🐾</h4>
|
||||
<div align="center">
|
||||
<img src="https://github.com/lunchcat/sif/blob/main/assets/banner.png?raw=true">
|
||||
</div>
|
||||
|
||||
<div align="center">
|
||||
|
||||

|
||||
[](https://goreportcard.com/report/github.com/dropalldatabases/sif)
|
||||
[](https://github.com/dropalldatabases/sif/tags)
|
||||
[](https://discord.gg/uzQv4YbJ8W)
|
||||
|
||||
[](#contributors)
|
||||
|
||||
</div>
|
||||
|
||||
## Features
|
||||
## 📖 Table of Contents
|
||||
|
||||
- [Modules](#-modules)
|
||||
- [Installation](#-installation)
|
||||
- [Quick Start](#-quick-start)
|
||||
- [Usage](#-usage)
|
||||
- [Performance](#-performance)
|
||||
- [Contributing](#-contributing)
|
||||
- [Contributors](#-contributors)
|
||||
- [Acknowledgements](#-acknowledgements)
|
||||
|
||||
## 🧩 Modules
|
||||
|
||||
sif is built with a modular architecture, allowing for easy extension and customization. Some of our key modules include:
|
||||
|
||||
- 📂 Directory/file fuzzing/scanning
|
||||
- 📡 DNS subdomain enumeration
|
||||
- 🐾 Common Web scanning
|
||||
@@ -26,9 +36,129 @@ _(__ )_ / _ __/
|
||||
- Metasploit emulation for execution
|
||||
- 🔎 Automated Google dorking
|
||||
- 💘 Shodan integration
|
||||
- 📦 CMS detection
|
||||
- 🔍 HTTP Header Analysis
|
||||
- ☁️ C3 Misconfiguration Scanner
|
||||
- 🔍 Subdomain Takeover Checks
|
||||
|
||||
## Contributing and support
|
||||
## 📦 Installation
|
||||
|
||||
Please join [our Discord server](https://discord.gg/uzQv4YbJ8W) to discuss sif development and to ask questions. Feel free to open an issue on GitHub requesting an addition to sif or asking for help with an issue.
|
||||
### Using pre-built binaries
|
||||
|
||||
Contributions are welcome! Make sure to read `CONTRIBUTING.md` before submitting a pull request.
|
||||
Visit our [Releases](https://github.com/dropalldatabases/sif/releases) page to download the latest pre-built binary for your operating system.
|
||||
|
||||
### Building from source
|
||||
|
||||
1. Ensure you have Go 1.23+ installed on your system.
|
||||
2. Clone the repository:
|
||||
```
|
||||
git clone https://github.com/lunchcat/sif.git
|
||||
cd sif
|
||||
```
|
||||
3. Build using the Makefile:
|
||||
```
|
||||
make
|
||||
```
|
||||
4. The binary will be available in the root directory.
|
||||
|
||||
## 🚀 Quick Start
|
||||
|
||||
1. Run a basic scan:
|
||||
```
|
||||
./sif -u example.com
|
||||
```
|
||||
2. For more options and advanced usage, refer to the help command:
|
||||
```
|
||||
./sif -h
|
||||
```
|
||||
|
||||
## 🛠 Usage
|
||||
|
||||
sif offers a wide range of commands and options to customize your pentesting workflow. Here are some common usage examples:
|
||||
|
||||
- Directory fuzzing
|
||||
|
||||
```
|
||||
./sif -u http://example.com -dirlist medium
|
||||
```
|
||||
|
||||
- Subdomain enumeration
|
||||
|
||||
```
|
||||
./sif -u http://example.com -dnslist medium
|
||||
```
|
||||
|
||||
- Supabase/Firebase and C3 Vulnerability scanning
|
||||
|
||||
```
|
||||
./sif -u https://example.com -js -c3
|
||||
```
|
||||
|
||||
- Port scanning
|
||||
|
||||
```
|
||||
./sif -u https://example.com -ports common
|
||||
```
|
||||
|
||||
For a complete list of commands and options, run `./sif -h`.
|
||||
|
||||
## ⚡ Performance
|
||||
|
||||
sif is designed for high performance and efficiency:
|
||||
|
||||
- Written in Go for excellent concurrency and speed
|
||||
- Optimized algorithms for minimal resource usage
|
||||
- Supports multi-threading for faster scans
|
||||
- Efficient caching mechanisms to reduce redundant operations
|
||||
|
||||
## 🤝 Contributing
|
||||
|
||||
We welcome contributions from the community! Please read our [Contributing Guidelines](CONTRIBUTING.md) before submitting a pull request.
|
||||
|
||||
Areas we're particularly interested in:
|
||||
- New scanning modules
|
||||
- Performance improvements
|
||||
- Documentation enhancements
|
||||
- Bug fixes and error handling improvements
|
||||
|
||||
## 🌟 Contributors
|
||||
|
||||
Thanks to these wonderful people who have contributed to sif:
|
||||
|
||||
<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
|
||||
<!-- prettier-ignore-start -->
|
||||
<!-- markdownlint-disable -->
|
||||
<table>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td align="center" valign="top" width="14.28%"><a href="https://vmfunc.re"><img src="https://avatars.githubusercontent.com/u/59031302?v=4?s=100" width="100px;" alt="mel"/><br /><sub><b>mel</b></sub></a><br /><a href="#maintenance-vmfunc" title="Maintenance">🚧</a> <a href="#mentoring-vmfunc" title="Mentoring">🧑🏫</a> <a href="#projectManagement-vmfunc" title="Project Management">📆</a> <a href="#security-vmfunc" title="Security">🛡️</a> <a href="#test-vmfunc" title="Tests">⚠️</a> <a href="#business-vmfunc" title="Business development">💼</a> <a href="#code-vmfunc" title="Code">💻</a> <a href="#design-vmfunc" title="Design">🎨</a> <a href="#financial-vmfunc" title="Financial">💵</a> <a href="#ideas-vmfunc" title="Ideas, Planning, & Feedback">🤔</a></td>
|
||||
<td align="center" valign="top" width="14.28%"><a href="https://projectdiscovery.io"><img src="https://avatars.githubusercontent.com/u/50994705?v=4?s=100" width="100px;" alt="ProjectDiscovery"/><br /><sub><b>ProjectDiscovery</b></sub></a><br /><a href="#platform-projectdiscovery" title="Packaging/porting to new platform">📦</a></td>
|
||||
<td align="center" valign="top" width="14.28%"><a href="https://github.com/macdoos"><img src="https://avatars.githubusercontent.com/u/127897805?v=4?s=100" width="100px;" alt="macdoos"/><br /><sub><b>macdoos</b></sub></a><br /><a href="#code-macdoos" title="Code">💻</a></td>
|
||||
<td align="center" valign="top" width="14.28%"><a href="https://epitech.eu"><img src="https://avatars.githubusercontent.com/u/75166283?v=4?s=100" width="100px;" alt="Matthieu Witrowiez"/><br /><sub><b>Matthieu Witrowiez</b></sub></a><br /><a href="#ideas-D3adPlays" title="Ideas, Planning, & Feedback">🤔</a></td>
|
||||
<td align="center" valign="top" width="14.28%"><a href="https://github.com/tessa-u-k"><img src="https://avatars.githubusercontent.com/u/109355732?v=4?s=100" width="100px;" alt="tessa "/><br /><sub><b>tessa </b></sub></a><br /><a href="#infra-tessa-u-k" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#question-tessa-u-k" title="Answering Questions">💬</a> <a href="#userTesting-tessa-u-k" title="User Testing">📓</a></td>
|
||||
<td align="center" valign="top" width="14.28%"><a href="https://github.com/xyzeva"><img src="https://avatars.githubusercontent.com/u/133499694?v=4?s=100" width="100px;" alt="Eva"/><br /><sub><b>Eva</b></sub></a><br /><a href="#blog-xyzeva" title="Blogposts">📝</a> <a href="#content-xyzeva" title="Content">🖋</a> <a href="#research-xyzeva" title="Research">🔬</a> <a href="#security-xyzeva" title="Security">🛡️</a> <a href="#test-xyzeva" title="Tests">⚠️</a> <a href="#code-xyzeva" title="Code">💻</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
<!-- markdownlint-restore -->
|
||||
<!-- prettier-ignore-end -->
|
||||
|
||||
<!-- ALL-CONTRIBUTORS-LIST:END -->
|
||||
|
||||
## 🙏 Acknowledgements
|
||||
|
||||
We'd like to thank the following projects and communities for their inspiration and support:
|
||||
|
||||
- [ProjectDiscovery](https://projectdiscovery.io/) for their amazing open-source security tools
|
||||
- [Shodan](https://www.shodan.io/)
|
||||
- [Malcore](https://www.malcore.io/), for providing us direct API support at Lunchcat.
|
||||
|
||||
---
|
||||
|
||||
<div align="center">
|
||||
<strong>Happy Hunting! 🐾</strong>
|
||||
<p>
|
||||
<sub>Built with ❤️ by the lunchcat team and contributors worldwide</sub>
|
||||
</p>
|
||||
</div>
|
||||
|
||||
@@ -1,3 +1,27 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package main
|
||||
|
||||
import (
|
||||
|
||||
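Review bot: The header added here restricts use to research and education and requires a purchased licence otherwise, while the Makefile in this same comparison gains `# SPDX-License-Identifier: MIT`; the two statements contradict each other and leave the effective licence unclear to users and packagers. Settle on one and state it identically in every file, ideally as a single line such as `// SPDX-License-Identifier: <identifier from the LICENSE file>` (the LICENSE file is not visible here). The same header is added in the `format`, `templates`, `styles`, `config`, `logger` and `scan` hunks that follow.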
@@ -1,3 +1,27 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package format
|
||||
|
||||
import (
|
||||
|
||||
@@ -1,3 +1,27 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package templates
|
||||
|
||||
import (
|
||||
|
||||
@@ -1,20 +1,51 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
// Package styles provides custom styling options for the SIF tool's console output.
|
||||
// It uses the lipgloss library to create visually appealing and consistent text styles.
|
||||
|
||||
package styles
|
||||
|
||||
import "github.com/charmbracelet/lipgloss"
|
||||
|
||||
var (
|
||||
// Separator style for creating visual breaks in the output
|
||||
Separator = lipgloss.NewStyle().
|
||||
Border(lipgloss.ThickBorder(), true, false).
|
||||
Bold(true)
|
||||
|
||||
// Status style for highlighting important status messages
|
||||
Status = lipgloss.NewStyle().
|
||||
Bold(true).
|
||||
Foreground(lipgloss.Color("#00ff1a"))
|
||||
|
||||
// Highlight style for emphasizing specific text
|
||||
Highlight = lipgloss.NewStyle().
|
||||
Bold(true).
|
||||
Underline(true)
|
||||
|
||||
// Box style for creating bordered content boxes
|
||||
Box = lipgloss.NewStyle().
|
||||
Bold(true).
|
||||
Foreground(lipgloss.Color("#fafafa")).
|
||||
@@ -24,6 +55,7 @@ var (
|
||||
PaddingLeft(15).
|
||||
Width(60)
|
||||
|
||||
// Subheading style for secondary titles or headers
|
||||
Subheading = lipgloss.NewStyle().
|
||||
Bold(true).
|
||||
Align(lipgloss.Center).
|
||||
@@ -32,14 +64,15 @@ var (
|
||||
Width(60)
|
||||
)
|
||||
|
||||
// Severity level styles for color-coding vulnerability severities
|
||||
var (
|
||||
SeverityLow = lipgloss.NewStyle().
|
||||
SeverityLow = lipgloss.NewStyle().
|
||||
Foreground(lipgloss.Color("#00ff00"))
|
||||
|
||||
SeverityMedium = lipgloss.NewStyle().
|
||||
SeverityMedium = lipgloss.NewStyle().
|
||||
Foreground(lipgloss.Color("#ffff00"))
|
||||
|
||||
SeverityHigh = lipgloss.NewStyle().
|
||||
SeverityHigh = lipgloss.NewStyle().
|
||||
Foreground(lipgloss.Color("#ff8800"))
|
||||
|
||||
SeverityCritical = lipgloss.NewStyle().
|
||||
|
||||
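Review bot: The new `// Package styles ...` comment is separated from `package styles` by a blank line, so Go tooling will not treat it as the package doc comment. Remove the blank line so that `// It uses the lipgloss library to create visually appealing and consistent text styles.` sits directly above `package styles`. The severity `var (` block continues past the end of the last hunk.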
@@ -1,3 +1,27 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package config
|
||||
|
||||
import (
|
||||
@@ -25,6 +49,10 @@ type Settings struct {
|
||||
File string
|
||||
ApiMode bool
|
||||
Template string
|
||||
CMS bool
|
||||
Headers bool
|
||||
CloudStorage bool
|
||||
SubdomainTakeover bool
|
||||
}
|
||||
|
||||
const (
|
||||
@@ -63,6 +91,10 @@ func Parse() *Settings {
|
||||
flagSet.BoolVar(&settings.NoScan, "noscan", false, "Do not perform base URL (robots.txt, etc) scanning"),
|
||||
flagSet.BoolVar(&settings.Whois, "whois", false, "Enable WHOIS lookup"),
|
||||
flagSet.BoolVar(&settings.JavaScript, "js", false, "Enable JavaScript scans"),
|
||||
flagSet.BoolVar(&settings.CMS, "cms", false, "Enable CMS detection"),
|
||||
flagSet.BoolVar(&settings.Headers, "headers", false, "Enable HTTP Header Analysis"),
|
||||
flagSet.BoolVar(&settings.CloudStorage, "c3", false, "Enable C3 Misconfiguration Scan"),
|
||||
flagSet.BoolVar(&settings.SubdomainTakeover, "st", false, "Enable Subdomain Takeover Check"),
|
||||
)
|
||||
|
||||
flagSet.CreateGroup("runtime", "Runtime",
|
||||
|
||||
@@ -1,3 +1,27 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package logger
|
||||
|
||||
import (
|
||||
|
||||
@@ -0,0 +1,124 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package scan
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
"os"
|
||||
|
||||
"github.com/charmbracelet/log"
|
||||
"github.com/dropalldatabases/sif/internal/styles"
|
||||
"github.com/dropalldatabases/sif/pkg/logger"
|
||||
)
|
||||
|
||||
type CloudStorageResult struct {
|
||||
BucketName string `json:"bucket_name"`
|
||||
IsPublic bool `json:"is_public"`
|
||||
}
|
||||
|
||||
func CloudStorage(url string, timeout time.Duration, logdir string) ([]CloudStorageResult, error) {
|
||||
fmt.Println(styles.Separator.Render("☁️ Starting " + styles.Status.Render("Cloud Storage Misconfiguration Scan") + "..."))
|
||||
|
||||
sanitizedURL := strings.Split(url, "://")[1]
|
||||
|
||||
if logdir != "" {
|
||||
if err := logger.WriteHeader(sanitizedURL, logdir, "Cloud Storage Misconfiguration Scan"); err != nil {
|
||||
log.Errorf("Error creating log file: %v", err)
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
cloudlog := log.NewWithOptions(os.Stderr, log.Options{
|
||||
Prefix: "C3 ☁️",
|
||||
}).With("url", url)
|
||||
|
||||
client := &http.Client{
|
||||
Timeout: timeout,
|
||||
}
|
||||
|
||||
potentialBuckets := extractPotentialBuckets(sanitizedURL)
|
||||
|
||||
var results []CloudStorageResult
|
||||
|
||||
for _, bucket := range potentialBuckets {
|
||||
isPublic, err := checkS3Bucket(bucket, client)
|
||||
if err != nil {
|
||||
cloudlog.Errorf("Error checking S3 bucket %s: %v", bucket, err)
|
||||
continue
|
||||
}
|
||||
|
||||
result := CloudStorageResult{
|
||||
BucketName: bucket,
|
||||
IsPublic: isPublic,
|
||||
}
|
||||
results = append(results, result)
|
||||
|
||||
if isPublic {
|
||||
cloudlog.Warnf("Public S3 bucket found: %s", styles.Highlight.Render(bucket))
|
||||
if logdir != "" {
|
||||
logger.Write(sanitizedURL, logdir, fmt.Sprintf("Public S3 bucket found: %s\n", bucket))
|
||||
}
|
||||
} else {
|
||||
cloudlog.Infof("S3 bucket is not public/found: %s", bucket)
|
||||
}
|
||||
}
|
||||
|
||||
return results, nil
|
||||
}
|
||||
|
||||
func extractPotentialBuckets(url string) []string {
|
||||
// This is a simple implementation.
|
||||
// TODO: add more cases
|
||||
parts := strings.Split(url, ".")
|
||||
var buckets []string
|
||||
for i, part := range parts {
|
||||
buckets = append(buckets, part)
|
||||
buckets = append(buckets, part+"-s3")
|
||||
buckets = append(buckets, "s3-"+part)
|
||||
|
||||
if i < len(parts)-1 {
|
||||
domainExtension := part + "-" + parts[i+1]
|
||||
buckets = append(buckets, domainExtension)
|
||||
buckets = append(buckets, parts[i+1] + "-" + part)
|
||||
}
|
||||
}
|
||||
return buckets
|
||||
}
|
||||
|
||||
func checkS3Bucket(bucket string, client *http.Client) (bool, error) {
|
||||
url := fmt.Sprintf("https://%s.s3.amazonaws.com", bucket)
|
||||
resp, err := client.Get(url)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
// If we can access the bucket listing, it's public
|
||||
return resp.StatusCode == http.StatusOK, nil
|
||||
}
|
||||
|
||||
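Review bot: `sanitizedURL := strings.Split(url, "://")[1]` in CloudStorage panics with an index-out-of-range error when the target is passed without a scheme. When a scheme is present, any port, path or query stays in the string, and extractPotentialBuckets then splits it on "." and turns the pieces into bucket names. Parsing the target once and keeping only the host avoids both: `u, err := neturl.Parse(url)`, then `if err != nil || u.Hostname() == "" { return nil, fmt.Errorf("invalid target %q", url) }`, then `host := u.Hostname()`. `net/url` has to be imported under an alias because the parameter is already named `url`. The same split appears in CMS, Headers and SubdomainTakeover in this commit.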
+136
@@ -0,0 +1,136 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package scan
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
"os"
|
||||
|
||||
"github.com/charmbracelet/log"
|
||||
"github.com/dropalldatabases/sif/internal/styles"
|
||||
"github.com/dropalldatabases/sif/pkg/logger"
|
||||
)
|
||||
|
||||
type CMSResult struct {
|
||||
Name string `json:"name"`
|
||||
Version string `json:"version"`
|
||||
}
|
||||
|
||||
func CMS(url string, timeout time.Duration, logdir string) (*CMSResult, error) {
|
||||
fmt.Println(styles.Separator.Render("🔍 Starting " + styles.Status.Render("CMS detection") + "..."))
|
||||
|
||||
sanitizedURL := strings.Split(url, "://")[1]
|
||||
|
||||
if logdir != "" {
|
||||
if err := logger.WriteHeader(sanitizedURL, logdir, "CMS detection"); err != nil {
|
||||
log.Errorf("Error creating log file: %v", err)
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
cmslog := log.NewWithOptions(os.Stderr, log.Options{
|
||||
Prefix: "CMS 🔍",
|
||||
}).With("url", url)
|
||||
|
||||
|
||||
client := &http.Client{
|
||||
Timeout: timeout,
|
||||
}
|
||||
|
||||
resp, err := client.Get(url)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
body, err := io.ReadAll(resp.Body)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
bodyString := string(body)
|
||||
|
||||
// WordPress
|
||||
if detectWordPress(url, client, bodyString) {
|
||||
result := &CMSResult{Name: "WordPress", Version: "Unknown"}
|
||||
cmslog.Infof("Detected CMS: %s", styles.Highlight.Render(result.Name))
|
||||
return result, nil
|
||||
}
|
||||
|
||||
// Drupal
|
||||
if strings.Contains(resp.Header.Get("X-Drupal-Cache"), "HIT") || strings.Contains(bodyString, "Drupal.settings") {
|
||||
result := &CMSResult{Name: "Drupal", Version: "Unknown"}
|
||||
cmslog.Infof("Detected CMS: %s", styles.Highlight.Render(result.Name))
|
||||
return result, nil
|
||||
}
|
||||
|
||||
// Joomla
|
||||
if strings.Contains(bodyString, "joomla") || strings.Contains(bodyString, "/media/system/js/core.js") {
|
||||
result := &CMSResult{Name: "Joomla", Version: "Unknown"}
|
||||
cmslog.Infof("Detected CMS: %s", styles.Highlight.Render(result.Name))
|
||||
return result, nil
|
||||
}
|
||||
|
||||
cmslog.Info("No CMS detected")
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func detectWordPress(url string, client *http.Client, bodyString string) bool {
|
||||
// Check for common WordPress indicators in the HTML
|
||||
wpIndicators := []string{
|
||||
"wp-content",
|
||||
"wp-includes",
|
||||
"wp-json",
|
||||
"wordpress",
|
||||
}
|
||||
|
||||
for _, indicator := range wpIndicators {
|
||||
if strings.Contains(bodyString, indicator) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
// Check for WordPress-specific files
|
||||
wpFiles := []string{
|
||||
"/wp-login.php",
|
||||
"/wp-admin/",
|
||||
"/wp-config.php",
|
||||
}
|
||||
|
||||
for _, file := range wpFiles {
|
||||
resp, err := client.Get(url + file)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
if resp.StatusCode == http.StatusOK || resp.StatusCode == http.StatusFound {
|
||||
return true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
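Review bot: The file-probe loop in detectWordPress returns true for any 200 or 302 on `/wp-login.php`, `/wp-admin/` or `/wp-config.php`, so a site that answers unknown paths with a catch-all page is reported as WordPress. Go's `http.Client` follows redirects by default, so the status seen here is normally the final one; the `http.StatusFound` comparison is rarely reached, and a redirect to an unrelated page that ends in 200 counts as a hit. Requiring the final URL to still match the probe, e.g. `strings.HasSuffix(resp.Request.URL.Path, file)`, would make the result more reliable. `defer resp.Body.Close()` inside the loop also keeps every probe body open until the function returns; `status := resp.StatusCode; resp.Body.Close()` before the comparison releases each one.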
@@ -1,3 +1,27 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package scan
|
||||
|
||||
import (
|
||||
@@ -27,6 +51,18 @@ type DirectoryResult struct {
|
||||
StatusCode int `json:"status_code"`
|
||||
}
|
||||
|
||||
// Dirlist performs directory fuzzing on the target URL.
|
||||
//
|
||||
// Parameters:
|
||||
// - size: determines the size of the directory list to use ("small", "medium", or "large")
|
||||
// - url: the target URL to scan
|
||||
// - timeout: maximum duration for each request
|
||||
// - threads: number of concurrent threads to use
|
||||
// - logdir: directory to store log files (empty string for no logging)
|
||||
//
|
||||
// Returns:
|
||||
// - []DirectoryResult: a slice of discovered directories and their status codes
|
||||
// - error: any error encountered during the scan
|
||||
func Dirlist(size string, url string, timeout time.Duration, threads int, logdir string) ([]DirectoryResult, error) {
|
||||
|
||||
fmt.Println(styles.Separator.Render("📂 Starting " + styles.Status.Render("directory fuzzing") + "..."))
|
||||
|
||||
@@ -1,3 +1,27 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package scan
|
||||
|
||||
import (
|
||||
@@ -21,6 +45,18 @@ const (
|
||||
dnsBigFile = "subdomains-10000.txt"
|
||||
)
|
||||
|
||||
// Dnslist performs DNS subdomain enumeration on the target domain.
|
||||
//
|
||||
// Parameters:
|
||||
// - size: determines the size of the subdomain list to use ("small", "medium", or "large")
|
||||
// - url: the target URL to scan
|
||||
// - timeout: maximum duration for each DNS lookup
|
||||
// - threads: number of concurrent threads to use
|
||||
// - logdir: directory to store log files (empty string for no logging)
|
||||
//
|
||||
// Returns:
|
||||
// - []string: a slice of discovered subdomains
|
||||
// - error: any error encountered during the enumeration
|
||||
func Dnslist(size string, url string, timeout time.Duration, threads int, logdir string) ([]string, error) {
|
||||
|
||||
fmt.Println(styles.Separator.Render("📡 Starting " + styles.Status.Render("DNS fuzzing") + "..."))
|
||||
|
||||
+43
-3
@@ -1,3 +1,30 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
// Package scan provides various security scanning functionalities for web applications.
|
||||
// This file handles Google dorking operations.
|
||||
|
||||
package scan
|
||||
|
||||
import (
|
||||
@@ -21,11 +48,24 @@ const (
|
||||
dorkFile = "dork.txt"
|
||||
)
|
||||
|
||||
// DorkResult represents the result of a Google dork search.
|
||||
type DorkResult struct {
|
||||
Url string `json:"url"`
|
||||
Count int `json:"count"`
|
||||
Url string `json:"url"` // The URL found by the dork
|
||||
Count int `json:"count"` // The number of times this URL was found
|
||||
}
|
||||
|
||||
// Dork performs Google dorking operations on the target URL.
|
||||
// It uses a predefined list of dorks to search for potentially sensitive information.
|
||||
//
|
||||
// Parameters:
|
||||
// - url: The target URL to dork
|
||||
// - timeout: Maximum duration for each dork search
|
||||
// - threads: Number of concurrent threads to use
|
||||
// - logdir: Directory to store log files (empty string for no logging)
|
||||
//
|
||||
// Returns:
|
||||
// - []DorkResult: A slice of results from the dorking operation
|
||||
// - error: Any error encountered during the dorking process
|
||||
func Dork(url string, timeout time.Duration, threads int, logdir string) ([]DorkResult, error) {
|
||||
|
||||
fmt.Println(styles.Separator.Render("🤓 Starting " + styles.Status.Render("URL Dorking") + "..."))
|
||||
@@ -92,4 +132,4 @@ func Dork(url string, timeout time.Duration, threads int, logdir string) ([]Dork
|
||||
wg.Wait()
|
||||
|
||||
return dorkResults, nil
|
||||
}
|
||||
}
|
||||
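Review bot: The new `// Package scan provides ...` comment appears, as rendered here, to be separated from the `package scan` clause by a blank line, in which case godoc will not attach it to the package; it needs to sit directly above the clause. The commit also adds a second package comment in the file that defines `Scan`, worded `// The scan package provides ...`, which does not follow the `// Package scan ...` form. I would keep a single package comment in one file (or a `doc.go`) and move `This file handles Google dorking operations.` into an ordinary comment below the clause.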
@@ -1,3 +1,27 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package scan
|
||||
|
||||
import (
|
||||
|
||||
@@ -0,0 +1,84 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package scan
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
"os"
|
||||
|
||||
"github.com/charmbracelet/log"
|
||||
"github.com/dropalldatabases/sif/internal/styles"
|
||||
"github.com/dropalldatabases/sif/pkg/logger"
|
||||
)
|
||||
|
||||
type HeaderResult struct {
|
||||
Name string `json:"name"`
|
||||
Value string `json:"value"`
|
||||
}
|
||||
|
||||
func Headers(url string, timeout time.Duration, logdir string) ([]HeaderResult, error) {
|
||||
fmt.Println(styles.Separator.Render("🔍 Starting " + styles.Status.Render("HTTP Header Analysis") + "..."))
|
||||
|
||||
sanitizedURL := strings.Split(url, "://")[1]
|
||||
|
||||
if logdir != "" {
|
||||
if err := logger.WriteHeader(sanitizedURL, logdir, "HTTP Header Analysis"); err != nil {
|
||||
log.Errorf("Error creating log file: %v", err)
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
headerlog := log.NewWithOptions(os.Stderr, log.Options{
|
||||
Prefix: "Headers 🔍",
|
||||
}).With("url", url)
|
||||
|
||||
client := &http.Client{
|
||||
Timeout: timeout,
|
||||
}
|
||||
|
||||
resp, err := client.Get(url)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
var results []HeaderResult
|
||||
|
||||
for name, values := range resp.Header {
|
||||
for _, value := range values {
|
||||
results = append(results, HeaderResult{Name: name, Value: value})
|
||||
headerlog.Infof("%s: %s", styles.Highlight.Render(name), value)
|
||||
if logdir != "" {
|
||||
logger.Write(sanitizedURL, logdir, fmt.Sprintf("%s: %s\n", name, value))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return results, nil
|
||||
}
|
||||
|
||||
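Review bot: The exported `Headers` function and `HeaderResult` type have no doc comments, and the banner text "HTTP Header Analysis" suggests an evaluation that the body does not perform. A comment such as `// Headers sends one GET request to url and returns every response header as a HeaderResult, in map iteration order; it records the values and does not assess them.` would state the actual contract. The type could carry `// HeaderResult is one response header name and one of its values.` Callers that want to flag missing or weak security headers then know they have to do that on the returned slice.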
@@ -1,3 +1,28 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
|
||||
/*
|
||||
What we are doing is abusing a internal file in Next.js pages router called
|
||||
_buildManifest.js which lists all routes and script files ever referenced in
|
||||
|
||||
@@ -1,3 +1,27 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package js
|
||||
|
||||
import (
|
||||
|
||||
@@ -1,3 +1,27 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
// todo: scan for storage and auth vulns
|
||||
|
||||
package js
|
||||
|
||||
@@ -1,30 +0,0 @@
|
||||
package scan
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"github.com/charmbracelet/log"
|
||||
"github.com/dropalldatabases/sif/internal/styles"
|
||||
"github.com/dropalldatabases/sif/pkg/logger"
|
||||
)
|
||||
|
||||
func Lfi(url string, logdir string) {
|
||||
fmt.Println(styles.Separator.Render("💭 Starting " + styles.Status.Render("LFI Scanning") + "..."))
|
||||
|
||||
sanitizedURL := strings.Split(url, "://")[1]
|
||||
if logdir != "" {
|
||||
if err := logger.WriteHeader(sanitizedURL, logdir, " LFI scanning"); err != nil {
|
||||
log.Errorf("Error creating log file: %v", err)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
whoislog := log.NewWithOptions(os.Stderr, log.Options{
|
||||
Prefix: "LFI 💭",
|
||||
})
|
||||
|
||||
whoislog.Infof("Starting LFI")
|
||||
|
||||
}
|
||||
@@ -1,3 +1,27 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package scan
|
||||
|
||||
import (
|
||||
|
||||
@@ -1,3 +1,27 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package scan
|
||||
|
||||
import (
|
||||
|
||||
@@ -1,3 +1,33 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
|
||||
// The scan package provides a collection of security scanning functions.
|
||||
//
|
||||
// Each scanning function typically returns a slice of custom result structures and an error.
|
||||
// The package utilizes concurrent operations to improve scanning performance and provides
|
||||
// options for logging and timeout management.
|
||||
package scan
|
||||
|
||||
import (
|
||||
@@ -35,6 +65,14 @@ func fetchRobotsTXT(url string, client *http.Client) *http.Response {
|
||||
return resp
|
||||
}
|
||||
|
||||
// Scan performs a basic URL scan, including checks for robots.txt and other common endpoints.
|
||||
// It logs the results and doesn't return any values.
|
||||
//
|
||||
// Parameters:
|
||||
// - url: the target URL to scan
|
||||
// - timeout: maximum duration for the scan
|
||||
// - threads: number of concurrent threads to use
|
||||
// - logdir: directory to store log files (empty string for no logging)
|
||||
func Scan(url string, timeout time.Duration, threads int, logdir string) {
|
||||
fmt.Println(styles.Separator.Render("🐾 Starting " + styles.Status.Render("base url scanning") + "..."))
|
||||
|
||||
|
||||
@@ -0,0 +1,168 @@
|
||||
package scan
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"io"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
"os"
|
||||
"sync"
|
||||
"github.com/charmbracelet/log"
|
||||
"github.com/dropalldatabases/sif/internal/styles"
|
||||
"github.com/dropalldatabases/sif/pkg/logger"
|
||||
)
|
||||
|
||||
// SubdomainTakeoverResult represents the outcome of a subdomain takeover vulnerability check.
|
||||
// It includes the subdomain tested, whether it's vulnerable, and the potentially vulnerable service.
|
||||
type SubdomainTakeoverResult struct {
|
||||
Subdomain string `json:"subdomain"`
|
||||
Vulnerable bool `json:"vulnerable"`
|
||||
Service string `json:"service,omitempty"`
|
||||
}
|
||||
|
||||
// SubdomainTakeover checks for potential subdomain takeover vulnerabilities.
|
||||
//
|
||||
// Parameters:
|
||||
// - url: the target URL to scan
|
||||
// - dnsResults: a slice of subdomains to check (typically from Dnslist function)
|
||||
// - timeout: maximum duration for each subdomain check
|
||||
// - threads: number of concurrent threads to use
|
||||
// - logdir: directory to store log files (empty string for no logging)
|
||||
//
|
||||
// Returns:
|
||||
// - []SubdomainTakeoverResult: a slice of results for each checked subdomain
|
||||
// - error: any error encountered during the scan
|
||||
func SubdomainTakeover(url string, dnsResults []string, timeout time.Duration, threads int, logdir string) ([]SubdomainTakeoverResult, error) {
|
||||
fmt.Println(styles.Separator.Render("🔍 Starting " + styles.Status.Render("Subdomain Takeover Vulnerability Check") + "..."))
|
||||
|
||||
sanitizedURL := strings.Split(url, "://")[1]
|
||||
|
||||
if logdir != "" {
|
||||
if err := logger.WriteHeader(sanitizedURL, logdir, "Subdomain Takeover Vulnerability Check"); err != nil {
|
||||
log.Errorf("Error creating log file: %v", err)
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
subdomainlog := log.NewWithOptions(os.Stderr, log.Options{
|
||||
Prefix: "Subdomain Takeover 🔍",
|
||||
})
|
||||
|
||||
client := &http.Client{
|
||||
Timeout: timeout,
|
||||
}
|
||||
|
||||
var wg sync.WaitGroup
|
||||
wg.Add(threads)
|
||||
|
||||
resultsChan := make(chan SubdomainTakeoverResult, len(dnsResults))
|
||||
|
||||
for thread := 0; thread < threads; thread++ {
|
||||
go func(thread int) {
|
||||
defer wg.Done()
|
||||
|
||||
for i, subdomain := range dnsResults {
|
||||
if i%threads != thread {
|
||||
continue
|
||||
}
|
||||
|
||||
vulnerable, service := checkSubdomainTakeover(subdomain, client)
|
||||
result := SubdomainTakeoverResult{
|
||||
Subdomain: subdomain,
|
||||
Vulnerable: vulnerable,
|
||||
Service: service,
|
||||
}
|
||||
resultsChan <- result
|
||||
|
||||
if vulnerable {
|
||||
subdomainlog.Warnf("Potential subdomain takeover: %s (%s)", styles.Highlight.Render(subdomain), service)
|
||||
if logdir != "" {
|
||||
logger.Write(sanitizedURL, logdir, fmt.Sprintf("Potential subdomain takeover: %s (%s)\n", subdomain, service))
|
||||
}
|
||||
} else {
|
||||
subdomainlog.Infof("Subdomain not vulnerable: %s", subdomain)
|
||||
}
|
||||
}
|
||||
}(thread)
|
||||
}
|
||||
|
||||
go func() {
|
||||
wg.Wait()
|
||||
close(resultsChan)
|
||||
}()
|
||||
|
||||
var results []SubdomainTakeoverResult
|
||||
for result := range resultsChan {
|
||||
results = append(results, result)
|
||||
}
|
||||
|
||||
return results, nil
|
||||
}
|
||||
|
||||
func checkSubdomainTakeover(subdomain string, client *http.Client) (bool, string) {
|
||||
resp, err := client.Get("http://" + subdomain)
|
||||
if err != nil {
|
||||
if strings.Contains(err.Error(), "no such host") {
|
||||
// Check if CNAME exists
|
||||
cname, err := net.LookupCNAME(subdomain)
|
||||
if err == nil && cname != "" {
|
||||
return true, "Dangling CNAME"
|
||||
}
|
||||
}
|
||||
return false, ""
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
body, _ := io.ReadAll(resp.Body)
|
||||
bodyString := string(body)
|
||||
|
||||
// Check for common takeover signatures in the response
|
||||
signatures := map[string]string{
|
||||
"GitHub Pages": "There isn't a GitHub Pages site here.",
|
||||
"Heroku": "No such app",
|
||||
"Shopify": "Sorry, this shop is currently unavailable.",
|
||||
"Tumblr": "There's nothing here.",
|
||||
"WordPress": "Do you want to register *.wordpress.com?",
|
||||
"Amazon S3": "The specified bucket does not exist",
|
||||
"Bitbucket": "Repository not found",
|
||||
"Ghost": "The thing you were looking for is no longer here, or never was",
|
||||
"Pantheon": "The gods are wise, but do not know of the site which you seek.",
|
||||
"Fastly": "Fastly error: unknown domain",
|
||||
"Zendesk": "Help Center Closed",
|
||||
"Teamwork": "Oops - We didn't find your site.",
|
||||
"Helpjuice": "We could not find what you're looking for.",
|
||||
"Helpscout": "No settings were found for this company:",
|
||||
"Cargo": "If you're moving your domain away from Cargo you must make this configuration through your registrar's DNS control panel.",
|
||||
"Uservoice": "This UserVoice subdomain is currently available!",
|
||||
"Surge": "project not found",
|
||||
"Intercom": "This page is reserved for artistic dogs.",
|
||||
"Webflow": "The page you are looking for doesn't exist or has been moved.",
|
||||
"Kajabi": "The page you were looking for doesn't exist.",
|
||||
"Thinkific": "You may have mistyped the address or the page may have moved.",
|
||||
"Tave": "Sorry, this page is no longer available.",
|
||||
"Wishpond": "https://www.wishpond.com/404?campaign=true",
|
||||
"Aftership": "Oops.</h2><p class=\"text-muted text-tight\">The page you're looking for doesn't exist.",
|
||||
"Aha": "There is no portal here ... sending you back to Aha!",
|
||||
"Brightcove": "<p class=\"bc-gallery-error-code\">Error Code: 404</p>",
|
||||
"Bigcartel": "<h1>Oops! We couldn’t find that page.</h1>",
|
||||
"Activecompaign": "alt=\"LIGHTTPD - fly light.\"",
|
||||
"Compaignmonitor": "Double check the URL or <a href=\"mailto:help@createsend.com",
|
||||
"Acquia": "The site you are looking for could not be found.",
|
||||
"Proposify": "If you need immediate assistance, please contact <a href=\"mailto:support@proposify.biz",
|
||||
"Simplebooklet": "We can't find this <a href=\"https://simplebooklet.com",
|
||||
"Getresponse": "With GetResponse Landing Pages, lead generation has never been easier",
|
||||
"Vend": "Looks like you've traveled too far into cyberspace.",
|
||||
"Jetbrains": "is not a registered InCloud YouTrack.",
|
||||
"Azure": "404 Web Site not found.",
|
||||
}
|
||||
|
||||
for service, signature := range signatures {
|
||||
if strings.Contains(bodyString, signature) {
|
||||
return true, service
|
||||
}
|
||||
}
|
||||
|
||||
return false, ""
|
||||
}
|
||||
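Review bot: checkSubdomainTakeover marks a subdomain vulnerable whenever the response body contains one of the strings in `signatures`. Several of them (`No such app`, `Repository not found`, `project not found`, `The page you were looking for doesn't exist.`) are ordinary error-page wording that can appear on sites unrelated to those providers. Because `signatures` is a map, iteration order is random, so when two entries match, the reported service can differ between runs. An ordered slice, e.g. `[]struct{ service, signature string }`, makes the result deterministic. Comparing the subdomain's CNAME target against the provider's domain before reporting would cut the false positives.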
+25
-1
@@ -1,3 +1,27 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package scan
|
||||
|
||||
import (
|
||||
@@ -16,7 +40,7 @@ func Whois(url string, logdir string) {
|
||||
|
||||
sanitizedURL := strings.Split(url, "://")[1]
|
||||
if logdir != "" {
|
||||
if err := logger.WriteHeader(sanitizedURL, logdir, " port scanning"); err != nil {
|
||||
if err := logger.WriteHeader(sanitizedURL, logdir, " WHOIS scanning"); err != nil {
|
||||
log.Errorf("Error creating log file: %v", err)
|
||||
return
|
||||
}
|
||||
|
||||
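Review bot: The context line `sanitizedURL := strings.Split(url, "://")[1]` in the `Whois` hunk indexes element 1 without checking that the separator was present, so a target with no scheme panics with an index-out-of-range instead of logging an error. Targets are read from `-u` or a file, and whether a scheme is enforced before this call is not visible here, so a local guard is the safer choice: `_, sanitizedURL, ok := strings.Cut(url, "://")` followed by an early `return` with a `log.Errorf` when `ok` is false. The body of `Whois` continues outside the hunk.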
@@ -1,3 +1,27 @@
|
||||
/*
|
||||
╔══════════════════════════════════════════════════════════════════════════════╗
|
||||
║ ║
|
||||
║ SIF ║
|
||||
║ ║
|
||||
║ Blazing-fast pentesting suite written in Go ║
|
||||
║ ║
|
||||
║ Copyright (c) 2023-2024 vmfunc, xyzeva, lunchcat contributors ║
|
||||
║ and other sif contributors. ║
|
||||
║ ║
|
||||
║ ║
|
||||
║ Use of this tool is restricted to research and educational ║
|
||||
║ purposes only. Usage in a production environment outside ║
|
||||
║ of these categories is strictly prohibited. ║
|
||||
║ ║
|
||||
║ Any person or entity wishing to use this tool outside of ║
|
||||
║ research or educational purposes must purchase a license ║
|
||||
║ from https://lunchcat.dev ║
|
||||
║ ║
|
||||
║ For more information, visit: https://github.com/lunchcat/sif ║
|
||||
║ ║
|
||||
╚══════════════════════════════════════════════════════════════════════════════╝
|
||||
*/
|
||||
|
||||
package utils
|
||||
|
||||
import (
|
||||
|
||||
@@ -1,3 +1,6 @@
|
||||
// Package sif provides the main functionality for the SIF (Security Information Finder) tool.
|
||||
// It handles the initialization, configuration, and execution of various security scanning modules.
|
||||
|
||||
package sif
|
||||
|
||||
import (
|
||||
@@ -16,8 +19,8 @@ import (
|
||||
jsscan "github.com/dropalldatabases/sif/pkg/scan/js"
|
||||
)
|
||||
|
||||
// App is a client instance. It is first initialised using New and then ran
|
||||
// using Run, which starts the whole app process.
|
||||
// App represents the main application structure for sif.
|
||||
// It encapsulates the configuration settings, target URLs, and logging information.
|
||||
type App struct {
|
||||
settings *config.Settings
|
||||
targets []string
|
||||
@@ -65,7 +68,7 @@ func New(settings *config.Settings) (*App, error) {
|
||||
app.targets = append(app.targets, scanner.Text())
|
||||
}
|
||||
} else {
|
||||
return app, errors.New("target(s) must be supplied with -u or -f")
|
||||
return app, errors.New("target(s) must be supplied with -u or -f\n\nSee 'sif -h' for more information")
|
||||
}
|
||||
|
||||
return app, nil
|
||||
@@ -116,13 +119,28 @@ func (app *App) Run() error {
|
||||
}
|
||||
}
|
||||
|
||||
var dnsResults []string
|
||||
|
||||
if app.settings.Dnslist != "none" {
|
||||
result, err := scan.Dnslist(app.settings.Dnslist, url, app.settings.Timeout, app.settings.Threads, app.settings.LogDir)
|
||||
if err != nil {
|
||||
log.Errorf("Error while running dns scan: %s", err)
|
||||
} else {
|
||||
moduleResults = append(moduleResults, ModuleResult{"dnslist", result})
|
||||
dnsResults = result // Store the DNS results
|
||||
}
|
||||
|
||||
// Only run subdomain takeover check if DNS scan is enabled
|
||||
if app.settings.SubdomainTakeover {
|
||||
result, err := scan.SubdomainTakeover(url, dnsResults, app.settings.Timeout, app.settings.Threads, app.settings.LogDir)
|
||||
if err != nil {
|
||||
log.Errorf("Error while running Subdomain Takeover Vulnerability Check: %s", err)
|
||||
} else {
|
||||
moduleResults = append(moduleResults, ModuleResult{"subdomain_takeover", result})
|
||||
}
|
||||
}
|
||||
} else if app.settings.SubdomainTakeover {
|
||||
log.Warnf("Subdomain Takeover check is enabled but DNS scan is disabled. Skipping Subdomain Takeover check.")
|
||||
}
|
||||
|
||||
if app.settings.Ports != "none" {
|
||||
@@ -166,6 +184,43 @@ func (app *App) Run() error {
|
||||
}
|
||||
}
|
||||
|
||||
if app.settings.CMS {
|
||||
result, err := scan.CMS(url, app.settings.Timeout, app.settings.LogDir)
|
||||
if err != nil {
|
||||
log.Errorf("Error while running CMS detection: %s", err)
|
||||
} else if result != nil {
|
||||
moduleResults = append(moduleResults, ModuleResult{"cms", result})
|
||||
}
|
||||
}
|
||||
|
||||
if app.settings.Headers {
|
||||
result, err := scan.Headers(url, app.settings.Timeout, app.settings.LogDir)
|
||||
if err != nil {
|
||||
log.Errorf("Error while running HTTP Header Analysis: %s", err)
|
||||
} else {
|
||||
moduleResults = append(moduleResults, ModuleResult{"headers", result})
|
||||
}
|
||||
}
|
||||
|
||||
if app.settings.CloudStorage {
|
||||
result, err := scan.CloudStorage(url, app.settings.Timeout, app.settings.LogDir)
|
||||
if err != nil {
|
||||
log.Errorf("Error while running C3 Scan: %s", err)
|
||||
} else {
|
||||
moduleResults = append(moduleResults, ModuleResult{"cloudstorage", result})
|
||||
}
|
||||
}
|
||||
|
||||
if app.settings.SubdomainTakeover {
|
||||
// Pass the dnsResults to the SubdomainTakeover function
|
||||
result, err := scan.SubdomainTakeover(url, dnsResults, app.settings.Timeout, app.settings.Threads, app.settings.LogDir)
|
||||
if err != nil {
|
||||
log.Errorf("Error while running Subdomain Takeover Vulnerability Check: %s", err)
|
||||
} else {
|
||||
moduleResults = append(moduleResults, ModuleResult{"subdomain_takeover", result})
|
||||
}
|
||||
}
|
||||
|
||||
if app.settings.ApiMode {
|
||||
result := UrlResult{
|
||||
Url: url,
|
||||
@@ -189,4 +244,4 @@ func (app *App) Run() error {
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
}
|
||||
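Review bot: `scan.SubdomainTakeover` is now called from two places in `Run`: once nested inside the `app.settings.Dnslist != "none"` branch, and again in the standalone `if app.settings.SubdomainTakeover {` block added after the CloudStorage check. With both options enabled the check runs twice per target and appends two `subdomain_takeover` entries to `moduleResults`. With the DNS scan disabled, the `log.Warnf` says the check is being skipped, yet the later block still runs it with a nil `dnsResults`. Deleting the second block, and keeping only the nested call, makes the behaviour match the warning and the comment `// Only run subdomain takeover check if DNS scan is enabled`. `Run` begins and ends outside these hunks.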