salvacybersec/keyhunter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(12-04): wire all 10 Phase 12 sources into RegisterAll + cmd/recon.go credentials

Browse Source 
- Add 8 Phase 12 credential fields to SourcesConfig (Shodan, Censys, ZoomEye, FOFA, Netlas, BinaryEdge)
- Register all 10 Phase 12 sources in RegisterAll (6 IoT + 4 cloud storage)
- Wire env/viper credential lookup in cmd/recon.go buildReconEngine
- Update reconCmd Long description to mention Phase 12 sources
This commit is contained in:
salvacybersec
2026-04-06 12:31:57 +03:00
parent ade609d562
commit 870431658d
2 changed files with 74 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
cmd/recon.go
View File

@@ -26,7 +26,7 @@ var (
var reconCmd = &cobra.Command{ var reconCmd = &cobra.Command{
Use: "recon", Use: "recon",
Short: "Run OSINT recon across internet sources", Short: "Run OSINT recon across internet sources",
Long: "Run OSINT recon sweeps across registered sources. Phase 10 adds ten code-hosting sources (GitHub/GitLab/Bitbucket/Gist/Codeberg/HuggingFace/Replit/CodeSandbox/Sandboxes/Kaggle). Phase 11 adds search engine dorking (Google/Bing/DuckDuckGo/Yandex/Brave) and paste site scanning (Pastebin/GistPaste/PasteSites).", Long: "Run OSINT recon sweeps across registered sources. Phase 10 adds ten code-hosting sources (GitHub/GitLab/Bitbucket/Gist/Codeberg/HuggingFace/Replit/CodeSandbox/Sandboxes/Kaggle). Phase 11 adds search engine dorking (Google/Bing/DuckDuckGo/Yandex/Brave) and paste site scanning (Pastebin/GistPaste/PasteSites). Phase 12 adds IoT scanners (Shodan/Censys/ZoomEye/FOFA/Netlas/BinaryEdge) and cloud storage scanners (S3/GCS/AzureBlob/Spaces).",
} }
var reconFullCmd = &cobra.Command{ var reconFullCmd = &cobra.Command{
@@ -159,6 +159,14 @@ func buildReconEngine() *recon.Engine {
YandexUser: firstNonEmpty(os.Getenv("YANDEX_USER"), viper.GetString("recon.yandex.user")), YandexUser: firstNonEmpty(os.Getenv("YANDEX_USER"), viper.GetString("recon.yandex.user")),
YandexAPIKey: firstNonEmpty(os.Getenv("YANDEX_API_KEY"), viper.GetString("recon.yandex.api_key")), YandexAPIKey: firstNonEmpty(os.Getenv("YANDEX_API_KEY"), viper.GetString("recon.yandex.api_key")),
BraveAPIKey: firstNonEmpty(os.Getenv("BRAVE_API_KEY"), viper.GetString("recon.brave.api_key")), BraveAPIKey: firstNonEmpty(os.Getenv("BRAVE_API_KEY"), viper.GetString("recon.brave.api_key")),
ShodanAPIKey: firstNonEmpty(os.Getenv("SHODAN_API_KEY"), viper.GetString("recon.shodan.api_key")),
CensysAPIId: firstNonEmpty(os.Getenv("CENSYS_API_ID"), viper.GetString("recon.censys.api_id")),
CensysAPISecret: firstNonEmpty(os.Getenv("CENSYS_API_SECRET"), viper.GetString("recon.censys.api_secret")),
ZoomEyeAPIKey: firstNonEmpty(os.Getenv("ZOOMEYE_API_KEY"), viper.GetString("recon.zoomeye.api_key")),
FOFAEmail: firstNonEmpty(os.Getenv("FOFA_EMAIL"), viper.GetString("recon.fofa.email")),
FOFAAPIKey: firstNonEmpty(os.Getenv("FOFA_API_KEY"), viper.GetString("recon.fofa.api_key")),
NetlasAPIKey: firstNonEmpty(os.Getenv("NETLAS_API_KEY"), viper.GetString("recon.netlas.api_key")),
BinaryEdgeAPIKey: firstNonEmpty(os.Getenv("BINARYEDGE_API_KEY"), viper.GetString("recon.binaryedge.api_key")),
} }
sources.RegisterAll(e, cfg) sources.RegisterAll(e, cfg)
return e return e

67
pkg/recon/sources/register.go
View File

@@ -39,14 +39,25 @@ type SourcesConfig struct {
// Brave Search API subscription token. // Brave Search API subscription token.
BraveAPIKey string BraveAPIKey string
// Phase 12: IoT scanner API keys.
ShodanAPIKey string
CensysAPIId string
CensysAPISecret string
ZoomEyeAPIKey string
FOFAEmail string
FOFAAPIKey string
NetlasAPIKey string
BinaryEdgeAPIKey string
// Registry drives query generation for every source via BuildQueries. // Registry drives query generation for every source via BuildQueries.
Registry *providers.Registry Registry *providers.Registry
// Limiters is the shared per-source rate-limiter registry. // Limiters is the shared per-source rate-limiter registry.
Limiters *recon.LimiterRegistry Limiters *recon.LimiterRegistry
} }
// RegisterAll registers every Phase 10 code-hosting and Phase 11 search // RegisterAll registers every Phase 10 code-hosting, Phase 11 search engine /
// engine / paste site source on engine (18 sources total). // paste site, and Phase 12 IoT scanner / cloud storage source on engine
// (28 sources total).
// //
// All sources are registered unconditionally so that cmd/recon.go can surface // All sources are registered unconditionally so that cmd/recon.go can surface
// the full catalog via `keyhunter recon list` regardless of which credentials // the full catalog via `keyhunter recon list` regardless of which credentials
@@ -149,4 +160,56 @@ func RegisterAll(engine *recon.Engine, cfg SourcesConfig) {
Registry: reg, Registry: reg,
Limiters: lim, Limiters: lim,
}) })
// Phase 12: IoT scanner sources.
engine.Register(&ShodanSource{
APIKey: cfg.ShodanAPIKey,
Registry: reg,
Limiters: lim,
})
engine.Register(&CensysSource{
APIId: cfg.CensysAPIId,
APISecret: cfg.CensysAPISecret,
Registry: reg,
Limiters: lim,
})
engine.Register(&ZoomEyeSource{
APIKey: cfg.ZoomEyeAPIKey,
Registry: reg,
Limiters: lim,
})
engine.Register(&FOFASource{
Email: cfg.FOFAEmail,
APIKey: cfg.FOFAAPIKey,
Registry: reg,
Limiters: lim,
})
engine.Register(&NetlasSource{
APIKey: cfg.NetlasAPIKey,
Registry: reg,
Limiters: lim,
})
engine.Register(&BinaryEdgeSource{
APIKey: cfg.BinaryEdgeAPIKey,
Registry: reg,
Limiters: lim,
})
// Phase 12: Cloud storage sources (credentialless).
engine.Register(&S3Scanner{
Registry: reg,
Limiters: lim,
})
engine.Register(&GCSScanner{
Registry: reg,
Limiters: lim,
})
engine.Register(&AzureBlobScanner{
Registry: reg,
Limiters: lim,
})
engine.Register(&DOSpacesScanner{
Registry: reg,
Limiters: lim,
})
} }