mirror of
https://github.com/lunchcat/sif.git
synced 2026-01-10 20:23:38 -08:00
4942425ce5
- add docs/ with installation, usage, modules, scans, and api docs - add docs link to main readme - fix release.yml to bundle modules directory with releases - add module system tests to runtest.yml - standardize go version to 1.23 across workflows
1.6 KiB
1.6 KiB
quickstart
get up and running with sif in minutes.
basic scan
run a basic scan against a target:
./sif -u https://example.com
this performs a base scan checking robots.txt, common files, and basic reconnaissance.
add more scans
enable additional scan types with flags:
# directory fuzzing
./sif -u https://example.com -dirlist medium
# subdomain enumeration
./sif -u https://example.com -dnslist small
# port scanning
./sif -u https://example.com -ports common
# framework detection
./sif -u https://example.com -framework
run modules
sif has a modular architecture with yaml-based security checks:
# list available modules
./sif -lm
# run all modules
./sif -u https://example.com -am
# run specific modules
./sif -u https://example.com -m sqli-error-based,xss-reflected
# run by tag
./sif -u https://example.com -mt owasp-top10
multiple targets
scan multiple urls:
./sif -u https://site1.com,https://site2.com
or from a file:
./sif -f targets.txt
save output
save results to a log directory:
./sif -u https://example.com -l ./logs
json output
for automation, use api mode:
./sif -u https://example.com -api
full scan example
run everything:
./sif -u https://example.com \
-dirlist medium \
-dnslist small \
-ports common \
-framework \
-js \
-headers \
-git \
-am \
-l ./logs