Sif

<div align="center"> <img src="assets/banner.png" alt="sif" width="600">

<br><br>

install · usage · modules · docs · contribute

</div>

---

what is sif?

sif is a modular pentesting toolkit written in go. it's designed to be fast, concurrent, and extensible. run multiple scan types against targets with a single command.

./sif -u https://example.com -all

install

homebrew (macos)

brew tap vmfunc/sif
brew install sif

arch linux (aur)

install using your preferred aur helper:

yay -S sif
# or
paru -S sif

nix

# nixpkgs (declarative — add to configuration.nix or home-manager)
environment.systemPackages = [ pkgs.sif ];

# or imperatively
nix profile install nixpkgs#sif

# or just run it without installing
nix run nixpkgs#sif -- -u https://example.com -all

the repo also ships a flake if you want to build from source:

nix run github:vmfunc/sif

debian/ubuntu (apt)

curl -1sLf 'https://dl.cloudsmith.io/public/sif/deb/setup.deb.sh' | sudo -E bash
sudo apt-get install sif

from releases

grab the latest binary from releases.

from source

git clone https://github.com/vmfunc/sif.git
cd sif
make

requires go 1.23+

aur (manual install)

git clone https://aur.archlinux.org/sif.git
cd sif
makepkg -si

usage

# basic scan
./sif -u https://example.com

# directory fuzzing
./sif -u https://example.com -dirlist medium

# subdomain enumeration
./sif -u https://example.com -dnslist medium

# port scanning
./sif -u https://example.com -ports common

# javascript framework detection + cloud misconfig
./sif -u https://example.com -js -c3

# shodan host intelligence (requires SHODAN_API_KEY env var)
./sif -u https://example.com -shodan

# securitytrails domain discovery (requires SECURITYTRAILS_API_KEY env var)
# discovers subdomains + associated domains, then scans all of them
./sif -u https://example.com -securitytrails -headers

# sql recon + lfi scanning
./sif -u https://example.com -sql -lfi

# framework detection (with cve lookup)
./sif -u https://example.com -framework

# everything
./sif -u https://example.com -all

run ./sif -h for all options.

modules

sif has a modular architecture. modules are defined in yaml and can be extended by users.

built-in scan flags

| flag | description | |------|-------------| | -dirlist | directory and file fuzzing (small/medium/large) | | -dnslist | subdomain enumeration (small/medium/large) | | -ports | port scanning (common/full) | | -nuclei | vulnerability scanning with nuclei templates | | -dork | automated google dorking | | -js | javascript analysis | | -c3 | cloud storage misconfiguration | | -headers | http header analysis | | -st | subdomain takeover detection | | -cms | cms detection | | -whois | whois lookups | | -git | exposed git repository detection | | -shodan | shodan lookup (requires SHODAN_API_KEY) | | -securitytrails | domain discovery + target expansion (requires SECURITYTRAILS_API_KEY) | | -sql | sql recon | | -lfi | local file inclusion | | -framework | framework detection with cve lookup |

yaml modules

list available modules:

./sif -lm

run specific modules:

# run by id
./sif -u https://example.com -m sqli-error-based,xss-reflected

# run by tag
./sif -u https://example.com -mt owasp-top10

# run all modules
./sif -u https://example.com -am

custom modules

create your own modules in ~/.config/sif/modules/. modules use a yaml format similar to nuclei templates:

id: my-custom-check
info:
  name: my custom security check
  author: you
  severity: medium
  description: checks for something specific
  tags: [custom, recon]

type: http

http:
  method: GET
  paths:
    - "{{BaseURL}}/admin"
    - "{{BaseURL}}/login"

  matchers:
    - type: status
      status:
        - 200

    - type: word
      part: body
      words:
        - "admin panel"
        - "login"
      condition: or

see docs/modules.md for the full module format.

contribute

contributions welcome. see contributing.md for guidelines.

# format
gofmt -w .

# lint
golangci-lint run

# test
go test ./...

community

join our discord for support, feature discussions, and pentesting tips:

contributors

<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section --> <!-- prettier-ignore-start --> <!-- markdownlint-disable --> <table> <tbody> <tr> <td align="center" valign="top" width="14.28%"><a href="https://vmfunc.re"><img src="https://avatars.githubusercontent.com/u/59031302?v=4?s=100" width="100px;" alt="vmfunc"/><br />_{<b>vmfunc</b>}</a><br /><a href="#maintenance-vmfunc" title="Maintenance">🚧</a> <a href="#mentoring-vmfunc" title="Mentoring">🧑‍🏫</a> <a href="#projectManagement-vmfunc" title="Project Management">📆</a> <a href="#security-vmfunc" title="Security">🛡️</a> <a href="https://github.com/lunchcat/sif/commits?author=vmfunc" title="Code">💻</a></td> <td align="center" valign="top" width="14.28%"><a href="https://projectdiscovery.io"><img src="https://avatars.githubusercontent.com/u/50994705?v=4?s=100" width="100px;" alt="ProjectDiscovery"/><br />_{<b>ProjectDiscovery</b>}</a><br /><a href="#platform-projectdiscovery" title="Packaging/porting to new platform">📦</a></td> <td align="center" valign="top" width="14.28%"><a href="https://github.com/macdoos"><img src="https://avatars.githubusercontent.com/u/127897805?v=4?s=100" width="100px;" alt="macdoos"/><br />_{<b>macdoos</b>}</a><br /><a href="https://github.com/lunchcat/sif/commits?author=macdoos" title="Code">💻</a></td> <td align="center" valign="top" width="14.28%"><a href="https://epitech.eu"><img src="https://avatars.githubusercontent.com/u/75166283?v=4?s=100" width="100px;" alt="Matthieu Witrowiez"/><br />_{<b>Matthieu Witrowiez</b>}</a><br /><a href="#ideas-D3adPlays" title="Ideas, Planning, & Feedback">🤔</a></td> <td align="center" valign="top" width="14.28%"><a href="https://github.com/tessa-u-k"><img src="https://avatars.githubusercontent.com/u/109355732?v=4?s=100" width="100px;" alt="tessa "/><br />_{<b>tessa </b>}</a><br /><a href="#infra-tessa-u-k" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#question-tessa-u-k" title="Answering Questions">💬</a> <a href="#userTesting-tessa-u-k" title="User Testing">📓</a></td> <td align="center" valign="top" width="14.28%"><a href="https://github.com/xyzeva"><img src="https://avatars.githubusercontent.com/u/133499694?v=4?s=100" width="100px;" alt="Eva"/><br />_<b>Eva</b></a><br /><a href="#blog-xyzeva" title="Blogposts">📝</a> <a href="#content-xyzeva" title="Content">🖋</a> <a href="#research-xyzeva" title="Research">🔬</a> <a href="#security-xyzeva" title="Security">🛡️</a> <a href="https://github.com/lunchcat/sif/commits?author=xyzeva" title="Tests">⚠️</a> <a href="https://github.com/lunchcat/sif/commits?author=xyzeva" title="Code">💻</a></td> <td align="center" valign="top" width="14.28%"><a href="https://github.com/vxfemboy"><img src="https://avatars.githubusercontent.com/u/79362520?v=4?s=100" width="100px;" alt="Zoa Hickenlooper"/><br />_{<b>Zoa Hickenlooper</b>}</a><br /><a href="https://github.com/lunchcat/sif/commits?author=vxfemboy" title="Code">💻</a></td> </tr> <tr> <td align="center" valign="top" width="14.28%"><a href="https://github.com/0xatrilla"><img src="https://avatars.githubusercontent.com/u/107285362?v=4?s=100" width="100px;" alt="acxtrilla"/><br />_{<b>acxtrilla</b>}</a><br /><a href="#platform-0xatrilla" title="Packaging/porting to new platform">📦</a></td> </tr> </tbody> </table> <!-- markdownlint-restore --> <!-- prettier-ignore-end --> <!-- ALL-CONTRIBUTORS-LIST:END -->

acknowledgements

• projectdiscovery for nuclei and other security tools
• shodan for infrastructure intelligence

---

<div align="center"> _{bsd 3-clause license · made by vmfunc, xyzeva, and contributors} </div>