mirror of
https://github.com/lunchcat/sif.git
synced 2026-07-03 03:14:53 -07:00
9f3b9eaa55
load yaml-defined detectors from ~/.config/sif/signatures (AppData\Local on windows), mirroring the user-modules convention, so a framework sif does not ship can be detected without a rebuild. they load lazily once per run from DetectFramework and register alongside the built-ins. each file is one detector, scored by the same weighted signature match as the built-ins. confidence is linear rather than their sigmoid (importing it would cycle), so a detector clears the 0.5 threshold once its matched weights pass half. a name matching a built-in overrides it and inherits that built-in's version patterns and cves, the same as a user module. a single unparseable file warns and is skipped rather than failing the scan. implements the custom signature support help-wanted item in contributing.
sif documentation
welcome to the sif documentation. sif is a modular pentesting toolkit designed to be fast, concurrent, and extensible.
table of contents
getting started
- installation - how to install sif
- quickstart - get up and running in minutes
- usage - command line options and examples
features
reference
- configuration - runtime configuration options
- api mode - json output for automation
contributing
- development - setting up a dev environment
- writing modules - create your own modules
quick links
# install
git clone https://github.com/dropalldatabases/sif.git && cd sif && make
# basic scan
./sif -u https://example.com
# list modules
./sif -lm
# run all modules
./sif -u https://example.com -am
# help
./sif -h
support
- github issues - bug reports and feature requests
- discord - community chat