salvacybersec/keyhunter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
339 Commits 1 Branch 0 Tags
d8a610758bf391a17ca88d99e14710cb73caa477
Commit Graph

11 Commits

Author SHA1 Message Date
salvacybersec
6eb5b69845 feat(phase-16): wire all 9 Phase 16 sources + VT/IX/ST API keys 2026-04-06 16:48:35 +03:00
salvacybersec
a195ef33a0 feat(16-02): add SecurityTrails source and wire all three Phase 16-02 sources 
- SecurityTrailsSource enumerates subdomains via API, probes config endpoints
- Credential-gated via SECURITYTRAILS_API_KEY env var
- RegisterAll extended to 70 sources (67 Phase 10-15 + 3 Phase 16)
- cmd/recon.go wires SecurityTrails API key from env/viper
 2026-04-06 16:46:09 +03:00
salvacybersec
4246db8294 fix: resolve Phase 14 merge conflicts across CI/CD, archive, and frontend sources 2026-04-06 13:42:54 +03:00
salvacybersec
27624e0ec7 merge: phase 14-04 register wiring 2026-04-06 13:39:32 +03:00
salvacybersec
7ef6c2ac34 feat(14-04): wire all 12 Phase 14 sources in RegisterAll (45 -> 52 total) 
- Add CircleCIToken to SourcesConfig with env/viper lookup in cmd/recon.go
- Register 7 new sources: travisci, ghactions, circleci, jenkins, wayback, commoncrawl, jsbundle
- Update register_test.go expectations from 45 to 52 sources
- Add integration test handlers + registrations for all 12 Phase 14 sources
- Integration test now validates 52 sources end-to-end
 2026-04-06 13:34:18 +03:00
salvacybersec
e0f267f7bf feat(14-01): add 5 CI/CD log sources (GitHubActions, TravisCI, CircleCI, Jenkins, GitLabCI) 
- GitHubActionsSource: searches GitHub code search for workflow files with provider keywords (token-gated)
- TravisCISource: queries Travis CI v3 API for public build logs (credentialless)
- CircleCISource: queries CircleCI v2 pipeline API for build pipelines (token-gated)
- JenkinsSource: queries open Jenkins /api/json for job build consoles (credentialless)
- GitLabCISource: queries GitLab projects API for CI-enabled projects (token-gated)
- RegisterAll extended to 45 sources (40 Phase 10-13 + 5 Phase 14)
- Integration test updated with fixtures for all 5 new sources
- cmd/recon.go wires CIRCLECI_TOKEN env var
 2026-04-06 13:17:31 +03:00
salvacybersec
870431658d feat(12-04): wire all 10 Phase 12 sources into RegisterAll + cmd/recon.go credentials 
- Add 8 Phase 12 credential fields to SourcesConfig (Shodan, Censys, ZoomEye, FOFA, Netlas, BinaryEdge)
- Register all 10 Phase 12 sources in RegisterAll (6 IoT + 4 cloud storage)
- Wire env/viper credential lookup in cmd/recon.go buildReconEngine
- Update reconCmd Long description to mention Phase 12 sources
 2026-04-06 12:31:57 +03:00
salvacybersec
3250408f23 feat(11-03): wire 18 sources into RegisterAll + credential wiring in cmd/recon.go 
- Extend SourcesConfig with GoogleAPIKey, GoogleCX, BingAPIKey, YandexUser, YandexAPIKey, BraveAPIKey
- RegisterAll registers 8 Phase 11 sources alongside 10 Phase 10 sources (18 total)
- cmd/recon.go reads search engine API keys from env vars and viper config
- Guardrail tests updated to assert 18 sources
 2026-04-06 12:02:11 +03:00
salvacybersec
118decbb3e fix(phase-10): add --sources filter flag and DB persistence to recon full 
Closes 2 verification gaps:
1. --sources=github,gitlab flag filters registered sources before sweep
2. Findings persisted to SQLite via storage.SaveFinding after dedup

Also adds Engine.Get() method for source lookup by name.
 2026-04-06 11:36:19 +03:00
salvacybersec
e00fb172ab feat(10-09): wire sources.RegisterAll into cmd/recon with viper+env credential lookup 2026-04-06 01:27:25 +03:00
salvacybersec
86a6bb864b feat(09-05): add recon full/list commands and remove stub 
- cmd/recon.go owns reconCmd with full and list subcommands
- Wires pkg/recon.Engine.SweepAll + Dedup with ExampleSource registered
- Adds --stealth, --respect-robots (default true), --query flags
- Removes reconCmd stub from cmd/stubs.go
 2026-04-06 00:47:32 +03:00