sif is built with a modular architecture, allowing for easy extension and customization. Some of our key modules include:
- π Directory/file fuzzing/scanning
- π‘ DNS subdomain enumeration
- πΎ Common Web scanning
- π₯οΈ Port/service scanning
- π¦ Vulnerability scanning
- Support for pre-existing nuclei templates
- Metasploit emulation for execution
- π Automated Google dorking
- π Shodan integration
- π¦ CMS detection
- π HTTP Header Analysis
- βοΈ C3 Misconfiguration Scanner
- π Subdomain Takeover Checks
Visit our Releases page to download the latest pre-built binary for your operating system.
- Ensure you have Go 1.23+ installed on your system.
- Clone the repository:
git clone https://github.com/lunchcat/sif.git cd sif - Build using the Makefile:
make - The binary will be available in the root directory.
- Run a basic scan:
./sif -u example.com - For more options and advanced usage, refer to the help command:
./sif -h
sif offers a wide range of commands and options to customize your pentesting workflow. Here are some common usage examples:
- Directory fuzzing
./sif -u http://example.com -dirlist medium
- Subdomain enumeration
./sif -u http://example.com -dnslist medium
- Supabase/Firebase and C3 Vulnerability scanning
./sif -u https://example.com -js -c3
- Port scanning
./sif -u https://example.com -ports common
For a complete list of commands and options, run ./sif -h.
sif is designed for high performance and efficiency:
- Written in Go for excellent concurrency and speed
- Optimized algorithms for minimal resource usage
- Supports multi-threading for faster scans
- Efficient caching mechanisms to reduce redundant operations
We welcome contributions from the community! Please read our Contributing Guidelines before submitting a pull request.
Areas we're particularly interested in:
- New scanning modules
- Performance improvements
- Documentation enhancements
- Bug fixes and error handling improvements
Thanks to these wonderful people who have contributed to sif:
 mel π§ π§βπ« π π‘οΈ |
 ProjectDiscovery π¦ |
 macdoos π» |
 Matthieu Witrowiez π€ |
 tessa π π¬ π |
 Eva π π π¬ π‘οΈ |
We'd like to thank the following projects and communities for their inspiration and support:
- ProjectDiscovery for their amazing open-source security tools
- Shodan
- Malcore, for providing us direct API support at Lunchcat.
Built with β€οΈ by the lunchcat team and contributors worldwide