gitea-mirror/sif: the blazing-fast pentesting suite. - sif

mirror of https://github.com/lunchcat/sif.git synced 2026-01-08 11:21:10 -08:00

Go to file

Celeste Hickenlooper 02bb8aed1b Merge pull request #55 from 0x4bs3nt/docs/contributing-update

docs: update CONTRIBUTING.md

2026-01-05 23:50:02 -08:00

.github/workflows

fix: use dynamic versioning for debian packages

2026-01-05 20:55:30 -08:00

assets

design: update banner

2024-11-14 06:51:54 +01:00

cmd/sif

refactor: move pkg/scan to internal/scan

2026-01-03 05:57:10 -08:00

docs

docs: add comprehensive documentation and fix github actions

2026-01-03 05:57:10 -08:00

internal

chore: add license headers to missing files

2026-01-03 06:01:00 -08:00

modules

feat: add built-in yaml modules for security scanning

2026-01-03 05:57:10 -08:00

.all-contributorsrc

docs: update contributor name and add vxfemboy

2026-01-02 19:56:44 -08:00

.gitignore

chore: upgrade to go 1.25 and ignore claude files

2026-01-02 17:13:16 -08:00

.golangci.yml

ci: enhance golangci-lint with additional linters

2026-01-03 05:57:09 -08:00

CODE_OF_CONDUCT.md

Update README.md and add CONTRIBUTING, COC

2023-09-14 20:48:26 +03:00

CONTRIBUTING.md

fix: discord invite

2026-01-06 06:35:32 +01:00

flake.lock

chore(nix): modernize flake to use buildGoModule

2026-01-03 00:25:37 -08:00

flake.nix

chore(nix): modernize flake to use buildGoModule

2026-01-03 00:25:37 -08:00

go.mod

ci: upgrade to go 1.24 in all workflows

2026-01-03 06:04:33 -08:00

go.sum

fix: update dependencies to address security vulnerabilities

2026-01-02 18:03:27 -08:00

LICENSE

license: switch to bsd 3-clause, update headers and readme

2026-01-02 17:41:18 -08:00

Makefile

chore: update to be compatible with all minor Go updates

2025-03-15 15:26:09 +05:30

README.md

docs: add apt/cloudsmith installation instructions and badge

2026-01-05 20:28:30 -08:00

sif_test.go

refactor: move config to internal

2026-01-03 05:57:10 -08:00

sif.code-workspace

adding vscode workspace files to project

2023-09-01 18:39:00 +02:00

sif.go

feat(output): add styled console output with module loggers

2026-01-03 05:57:10 -08:00

template-example.toml

feat: update template properly

2024-07-10 05:00:53 -04:00

README.md

install · usage · modules · docs · contribute

what is sif?

sif is a modular pentesting toolkit written in go. it's designed to be fast, concurrent, and extensible. run multiple scan types against targets with a single command.

./sif -u https://example.com -all

install

homebrew (macos)

brew tap vmfunc/sif
brew install sif

arch linux (aur)

install using your preferred aur helper:

yay -S sif
# or
paru -S sif

debian/ubuntu (apt)

curl -1sLf 'https://dl.cloudsmith.io/public/sif/deb/setup.deb.sh' | sudo -E bash
sudo apt-get install sif

from releases

grab the latest binary from releases.

from source

git clone https://github.com/vmfunc/sif.git
cd sif
make

requires go 1.23+

aur (manual install)

git clone https://aur.archlinux.org/sif.git
cd sif
makepkg -si

usage

# basic scan
./sif -u https://example.com

# directory fuzzing
./sif -u https://example.com -dirlist medium

# subdomain enumeration
./sif -u https://example.com -dnslist medium

# port scanning
./sif -u https://example.com -ports common

# javascript framework detection + cloud misconfig
./sif -u https://example.com -js -c3

# shodan host intelligence (requires SHODAN_API_KEY env var)
./sif -u https://example.com -shodan

# sql recon + lfi scanning
./sif -u https://example.com -sql -lfi

# framework detection (with cve lookup)
./sif -u https://example.com -framework

# everything
./sif -u https://example.com -all

run ./sif -h for all options.

modules

sif has a modular architecture. modules are defined in yaml and can be extended by users.

built-in scan flags

flag	description
`-dirlist`	directory and file fuzzing (small/medium/large)
`-dnslist`	subdomain enumeration (small/medium/large)
`-ports`	port scanning (common/full)
`-nuclei`	vulnerability scanning with nuclei templates
`-dork`	automated google dorking
`-js`	javascript analysis
`-c3`	cloud storage misconfiguration
`-headers`	http header analysis
`-st`	subdomain takeover detection
`-cms`	cms detection
`-whois`	whois lookups
`-git`	exposed git repository detection
`-shodan`	shodan lookup (requires SHODAN_API_KEY)
`-sql`	sql recon
`-lfi`	local file inclusion
`-framework`	framework detection with cve lookup

yaml modules

list available modules:

./sif -lm

run specific modules:

# run by id
./sif -u https://example.com -m sqli-error-based,xss-reflected

# run by tag
./sif -u https://example.com -mt owasp-top10

# run all modules
./sif -u https://example.com -am

custom modules

create your own modules in ~/.config/sif/modules/. modules use a yaml format similar to nuclei templates:

id: my-custom-check
info:
  name: my custom security check
  author: you
  severity: medium
  description: checks for something specific
  tags: [custom, recon]

type: http

http:
  method: GET
  paths:
    - "{{BaseURL}}/admin"
    - "{{BaseURL}}/login"

  matchers:
    - type: status
      status:
        - 200

    - type: word
      part: body
      words:
        - "admin panel"
        - "login"
      condition: or

see docs/modules.md for the full module format.

contribute

contributions welcome. see contributing.md for guidelines.

# format
gofmt -w .

# lint
golangci-lint run

# test
go test ./...

community

join our discord for support, feature discussions, and pentesting tips:

contributors

_{Celeste Hickenlooper} 🚧 🧑‍🏫 📆 🛡️ 💻	_{ProjectDiscovery} 📦	_macdoos 💻	_{Matthieu Witrowiez} 🤔	_tessa 🚇 💬 📓	_Eva 📝 🖋 🔬 🛡️ ⚠️ 💻	_{Zoa Hickenlooper} 💻
_acxtrilla 📦

acknowledgements

projectdiscovery for nuclei and other security tools
shodan for infrastructure intelligence

_{bsd 3-clause license · made by vmfunc, xyzeva, and contributors}