Merge pull request #705 from projectdiscovery/dev

v1.2.0

Author: Mzack9999

.github/workflows/build-test.yml

@@ -13,8 +13,8 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os: [ubuntu-latest, windows-latest, macOS-13]
-        go-version: [1.22.x]
+        os: [ubuntu-latest, windows-latest, macOS-latest]
+        go-version: [1.24.x]
     steps:
       - name: Set up Go
         uses: actions/setup-go@v4

.github/workflows/provider-integration.yml

@@ -13,15 +13,15 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v4
         with:
-          go-version: 1.22.x
+          go-version: 1.24.x
 
       - name: Check out code
         uses: actions/checkout@v3
 
       - name: Integration Tests
         env:
           GH_ACTION: true
-          CENSYS_API_KEY: ${{secrets.CENSYS_API_SECRET}}
+          CENSYS_API_KEY: ${{secrets.CENSYS_ORGANIZATION_ID}}
           FOFA_API_KEY: ${{secrets.FOFA_KEY}}
           SHODAN_API_KEY: ${{secrets.SHODAN_API_KEY}}
           ZOOMEYE_API_KEY: ${{secrets.ZOOMEYE_API_KEY}}

.github/workflows/release-binary.yml

@@ -18,7 +18,7 @@ jobs:
       - name: "Set up Go"
         uses: actions/setup-go@v4
         with: 
-          go-version: 1.22.x
+          go-version: 1.24.x
 
       - name: "Create release on GitHub"
         uses: goreleaser/goreleaser-action@v4

.github/workflows/release-test.yml

@@ -20,7 +20,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v4
         with:
-          go-version: 1.22.x
+          go-version: 1.24.x
 
       - name: release test
         uses: goreleaser/goreleaser-action@v4

README.md

@@ -135,8 +135,8 @@ shodan:
   - SHODAN_API_KEY_1
   - SHODAN_API_KEY_2
 censys:
-  - CENSYS_API_ID_1:CENSYS_API_SECRET_1
-  - CENSYS_API_ID_2:CENSYS_API_SECRET_2
+  - CENSYS_API_TOKEN_1:CENSYS_ORGANIZATION_ID_1
+  - CENSYS_API_TOKEN_2:CENSYS_ORGANIZATION_ID_2
 fofa:
   - FOFA_EMAIL_1:FOFA_KEY_1
   - FOFA_EMAIL_2:FOFA_KEY_2
@@ -178,8 +178,8 @@ alternatively you can also set the API key as environment variable in your bash
 
 ```yaml
 export SHODAN_API_KEY=xxx
-export CENSYS_API_ID=xxx
-export CENSYS_API_SECRET=xxx
+export CENSYS_API_TOKEN=xxx
+export CENSYS_ORGANIZATION_ID=xxx
 export FOFA_EMAIL=xxx
 export FOFA_KEY=xxx
 export QUAKE_TOKEN=xxx
@@ -195,15 +195,7 @@ export ONYPHE_API_KEY=xxx
 export DRIFTNET_API_KEY=xxx
 ```
 
-Required API keys can be obtained by signing up on following platform [Shodan](https://account.shodan.io/register), [Censys](https://censys.io/register), [Fofa](https://fofa.info/toLogin), [Quake](https://quake.360.net/quake/#/index), [Hunter](https://user.skyeye.qianxin.com/user/register?next=https%3A//hunter.qianxin.com/api/uLogin&fromLogin=1), ZoomEye [china](https://api.zoomeye.org) - [worldwide](https://api.zoomeye.hk), [Netlas](https://app.netlas.io/registration/), [CriminalIP](https://www.criminalip.io/register), [Publicwww](https://publicwww.com/profile/signup.html), Google [[1]](https://developers.google.com/custom-search/v1/introduction#identify_your_application_to_google_with_api_key),[[2]](https://programmablesearchengine.google.com/controlpanel/create), [Onyphe](https://search.onyphe.io/signup) and [Driftnet](https://driftnet.io/auth?state=signup).
-
-### ZoomEye API
-
- Before conducting any scans, please ensure you are using the correct host to comply with geographical access restrictions of the ZoomEye API:
-
- - **zoomeye.org** is exclusively for users within China.
- - **zoomeye.hk** is for users outside China (this is default if no host provided).
-
+Required API keys can be obtained by signing up on following platform [Shodan](https://account.shodan.io/register), [Censys](https://censys.io/register), [Fofa](https://fofa.info/toLogin), [Quake](https://quake.360.net/quake/#/index), [Hunter](https://user.skyeye.qianxin.com/user/register?next=https%3A//hunter.qianxin.com/api/uLogin&fromLogin=1), [ZoomEye](https://www.zoomeye.ai), [Netlas](https://app.netlas.io/registration/), [CriminalIP](https://www.criminalip.io/register), [Publicwww](https://publicwww.com/profile/signup.html), Google [[1]](https://developers.google.com/custom-search/v1/introduction#identify_your_application_to_google_with_api_key),[[2]](https://programmablesearchengine.google.com/controlpanel/create), [Onyphe](https://search.onyphe.io/signup) and [Driftnet](https://driftnet.io/auth?state=signup).
 
 ## Running Uncover
 

go.mod

@@ -3,6 +3,7 @@ module github.com/projectdiscovery/uncover
 go 1.24.0
 
 require (
+	github.com/censys/censys-sdk-go v0.19.1
 	github.com/hashicorp/golang-lru v0.5.4
 	github.com/julienschmidt/httprouter v1.3.0
 	github.com/logrusorgru/aurora v2.0.3+incompatible
@@ -63,6 +64,7 @@ require (
 	github.com/dlclark/regexp2 v1.11.4 // indirect
 	github.com/docker/go-units v0.5.0 // indirect
 	github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect
+	github.com/ericlagergren/decimal v0.0.0-20221120152707-495c53812d05 // indirect
 	github.com/fatih/color v1.15.0 // indirect
 	github.com/gaissmai/bart v0.17.8 // indirect
 	github.com/go-ole/go-ole v1.2.6 // indirect

go.sum

@@ -34,6 +34,8 @@ github.com/bits-and-blooms/bitset v1.13.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6
 github.com/bits-and-blooms/bloom/v3 v3.5.0 h1:AKDvi1V3xJCmSR6QhcBfHbCN4Vf8FfxeWkMNQfmAGhY=
 github.com/bits-and-blooms/bloom/v3 v3.5.0/go.mod h1:Y8vrn7nk1tPIlmLtW2ZPV+W7StdVMor6bC1xgpjMZFs=
 github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0=
+github.com/censys/censys-sdk-go v0.19.1 h1:CG8rQKgwrKuoICd3oU0uddALMfJnboeMkDg/e74HYyc=
+github.com/censys/censys-sdk-go v0.19.1/go.mod h1:DgPz5NgL+EfoueXLPG9UG1e7hS0OhtlywgpkIuu3ZRE=
 github.com/charmbracelet/glamour v0.8.0 h1:tPrjL3aRcQbn++7t18wOpgLyl8wrOHUEDS7IZ68QtZs=
 github.com/charmbracelet/glamour v0.8.0/go.mod h1:ViRgmKkf3u5S7uakt2czJ272WSg2ZenlYEZXT2x7Bjw=
 github.com/charmbracelet/lipgloss v0.13.0 h1:4X3PPeoWEDCMvzDvGmTajSyYPcZM4+y8sCA/SsA3cjw=
@@ -62,6 +64,8 @@ github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDD
 github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 h1:iFaUwBSo5Svw6L7HYpRu/0lE3e0BaElwnNO1qkNQxBY=
 github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5/go.mod h1:qssHWj60/X5sZFNxpG4HBPDHVqxNm4DfnCKgrbZOT+s=
 github.com/dsnet/golib v0.0.0-20171103203638-1ea166775780/go.mod h1:Lj+Z9rebOhdfkVLjJ8T6VcRQv3SXugXy999NBtR9aFY=
+github.com/ericlagergren/decimal v0.0.0-20221120152707-495c53812d05 h1:S92OBrGuLLZsyM5ybUzgc/mPjIYk2AZqufieooe98uw=
+github.com/ericlagergren/decimal v0.0.0-20221120152707-495c53812d05/go.mod h1:M9R1FoZ3y//hwwnJtO51ypFGwm8ZfpxPT/ZLtO1mcgQ=
 github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
 github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=

integration-tests/integration-test.go

@@ -6,7 +6,6 @@ import (
 	"strings"
 
 	"github.com/logrusorgru/aurora"
-
 	"github.com/projectdiscovery/uncover/testutils"
 )
 
@@ -33,6 +32,7 @@ var (
 		"odin":       odinTestcases{},
 		"binaryedge": binaryedgeTestcases{},
 		"onyphe":     onypheTestcases{},
+		"greynoise":  greynoiseTestcases{},
 		// feature tests
 		"output": outputTestcases{},
 	}

integration-tests/source-test.go

@@ -23,7 +23,9 @@ func (h censysTestcases) Execute() error {
 	}
 	censysToken := fmt.Sprintf(`censys: [%s]`, token)
 	_ = os.WriteFile(ConfigFile, []byte(censysToken), 0644)
-	defer os.RemoveAll(ConfigFile)
+	defer func() {
+		_ = os.RemoveAll(ConfigFile)
+	}()
 	results, err := testutils.RunUncoverAndGetResults(debug, "-censys", "'services.software.vendor=Grafana'")
 	if err != nil {
 		return err
@@ -40,7 +42,9 @@ func (h shodanTestcases) Execute() error {
 	}
 	shodanToken := fmt.Sprintf(`shodan: [%s]`, token)
 	_ = os.WriteFile(ConfigFile, []byte(shodanToken), 0644)
-	defer os.RemoveAll(ConfigFile)
+	defer func() {
+		_ = os.RemoveAll(ConfigFile)
+	}()
 	results, err := testutils.RunUncoverAndGetResults(debug, "-shodan", "'title:\"Grafana\"'")
 	if err != nil {
 		return err
@@ -65,7 +69,9 @@ func (h zoomeyeTestcases) Execute() error {
 	}
 	zoomeyeToken := fmt.Sprintf(`zoomeye: [%s]`, token)
 	_ = os.WriteFile(ConfigFile, []byte(zoomeyeToken), 0644)
-	defer os.RemoveAll(ConfigFile)
+	defer func() {
+		_ = os.RemoveAll(ConfigFile)
+	}()
 	results, err := testutils.RunUncoverAndGetResults(debug, "-zoomeye", "'app:\"Atlassian JIRA\"'")
 	if err != nil {
 		return err
@@ -82,7 +88,9 @@ func (h fofaTestcases) Execute() error {
 	}
 	fofaToken := fmt.Sprintf(`fofa: [%s]`, token)
 	_ = os.WriteFile(ConfigFile, []byte(fofaToken), 0644)
-	defer os.RemoveAll(ConfigFile)
+	defer func() {
+		_ = os.RemoveAll(ConfigFile)
+	}()
 	results, err := testutils.RunUncoverAndGetResults(debug, "-fofa", "'app=Grafana'")
 	if err != nil {
 		return err
@@ -109,7 +117,9 @@ func (h quakeTestcases) Execute() error {
 	}
 	quakeToken := fmt.Sprintf(`quake: [%s]`, token)
 	_ = os.WriteFile(ConfigFile, []byte(quakeToken), 0644)
-	defer os.RemoveAll(ConfigFile)
+	defer func() {
+		_ = os.RemoveAll(ConfigFile)
+	}()
 	results, err := testutils.RunUncoverAndGetResults(debug, "-quake", "'Grafana'")
 	if err != nil {
 		return err
@@ -126,7 +136,9 @@ func (h netlasTestcases) Execute() error {
 	}
 	netlasToken := fmt.Sprintf(`netlas: [%s]`, token)
 	_ = os.WriteFile(ConfigFile, []byte(netlasToken), 0644)
-	defer os.RemoveAll(ConfigFile)
+	defer func() {
+		_ = os.RemoveAll(ConfigFile)
+	}()
 	results, err := testutils.RunUncoverAndGetResults(debug, "-netlas", "'Grafana'")
 	if err != nil {
 		return err
@@ -143,7 +155,9 @@ func (h criminalipTestcases) Execute() error {
 	}
 	criminalipToken := fmt.Sprintf(`criminalip: [%s]`, token)
 	_ = os.WriteFile(ConfigFile, []byte(criminalipToken), 0644)
-	defer os.RemoveAll(ConfigFile)
+	defer func() {
+		_ = os.RemoveAll(ConfigFile)
+	}()
 	results, err := testutils.RunUncoverAndGetResults(debug, "-criminalip", "'Grafana'")
 	if err != nil {
 		return err
@@ -160,7 +174,9 @@ func (h hunterhowTestcases) Execute() error {
 	}
 	hunterhowApiKey := fmt.Sprintf(`hunterhow: [%s]`, token)
 	_ = os.WriteFile(ConfigFile, []byte(hunterhowApiKey), 0644)
-	defer os.RemoveAll(ConfigFile)
+	defer func() {
+		_ = os.RemoveAll(ConfigFile)
+	}()
 	results, err := testutils.RunUncoverAndGetResults(debug, "-hunterhow", "'web.body=\"ElasticJob\"'")
 	if err != nil {
 		return err
@@ -199,7 +215,9 @@ func (h googleTestcases) Execute() error {
 	}
 	googleToken := fmt.Sprintf(`google: [%s,%s]`, token, engineId)
 	_ = os.WriteFile(ConfigFile, []byte(googleToken), 0644)
-	defer os.RemoveAll(ConfigFile)
+	defer func() {
+		_ = os.RemoveAll(ConfigFile)
+	}()
 	results, err := testutils.RunUncoverAndGetResults(debug, "-google", "site:*.hackerone.com")
 	if err != nil {
 		return err
@@ -218,7 +236,9 @@ func (h odinTestcases) Execute() error {
 	if err := os.WriteFile(ConfigFile, []byte(odinToken), 0644); err != nil {
 		return err
 	}
-	defer os.RemoveAll(ConfigFile)
+	defer func() {
+		_ = os.RemoveAll(ConfigFile)
+	}()
 	results, err := testutils.RunUncoverAndGetResults(debug, "-odin", "nginx")
 
 	if err != nil {
@@ -237,7 +257,9 @@ func (h binaryedgeTestcases) Execute() error {
 
 	binaryedgeToken := fmt.Sprintf(`binaryedge: [%s]`, token)
 	_ = os.WriteFile(ConfigFile, []byte(binaryedgeToken), 0644)
-	defer os.RemoveAll(ConfigFile)
+	defer func() {
+		_ = os.RemoveAll(ConfigFile)
+	}()
 	results, err := testutils.RunUncoverAndGetResults(debug, "-binaryedge", "1.1.1.1")
 
 	if err != nil {
@@ -256,11 +278,41 @@ func (h onypheTestcases) Execute() error {
 
 	onypheToken := fmt.Sprintf(`onyphe: [%s]`, token)
 	_ = os.WriteFile(ConfigFile, []byte(onypheToken), 0644)
-	defer os.RemoveAll(ConfigFile)
+	defer func() {
+		_ = os.RemoveAll(ConfigFile)
+	}()
 	results, err := testutils.RunUncoverAndGetResults(debug, "-onyphe", "google.com")
 
 	if err != nil {
 		return err
 	}
 	return expectResultsGreaterThanCount(results, 0)
 }
+
+type greynoiseTestcases struct{}
+
+func (h greynoiseTestcases) Execute() error {
+	token := os.Getenv("GREYNOISE_API_KEY")
+	if token == "" {
+		return errors.New("missing greynoise api key")
+	}
+
+	greynoiseToken := fmt.Sprintf(`greynoise: [%s]`, token)
+	_ = os.WriteFile(ConfigFile, []byte(greynoiseToken), 0644)
+	defer os.RemoveAll(ConfigFile)
+
+	results, err := testutils.RunUncoverAndGetResults(debug, "-e", "greynoise", "-q", "tag:scanner")
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "WARNING: greynoise query failed: %v\n", err)
+		fmt.Fprintln(os.Stderr, "INFO: This may happen if you are using a Community API key. GNQL queries require an Enterprise API key.")
+		return nil
+	}
+
+	if len(results) == 0 {
+		fmt.Fprintln(os.Stderr, "INFO: greynoise returned 0 results.")
+		fmt.Fprintln(os.Stderr, "NOTE: Community API keys cannot access GNQL queries. An Enterprise API key is required for this test to return data.")
+		return nil
+	}
+
+	return nil
+}

runner/options.go

@@ -62,6 +62,7 @@ type Options struct {
 	BinaryEdge           goflags.StringSlice
 	Onyphe               goflags.StringSlice
 	Driftnet             goflags.StringSlice
+	GreyNoise            goflags.StringSlice
 	DisableUpdateCheck   bool
 }
 
@@ -73,7 +74,7 @@ func ParseOptions() *Options {
 
 	flagSet.CreateGroup("input", "Input",
 		flagSet.StringSliceVarP(&options.Query, "query", "q", nil, "search query, supports: stdin,file,config input (example: -q 'example query', -q 'query.txt')", goflags.FileStringSliceOptions),
-		flagSet.StringSliceVarP(&options.Engine, "engine", "e", nil, "search engine to query (shodan,shodan-idb,fofa,censys,quake,hunter,zoomeye,netlas,publicwww,criminalip,hunterhow,google,odin,binaryedge,onyphe,driftnet) (default shodan)", goflags.FileNormalizedStringSliceOptions),
+		flagSet.StringSliceVarP(&options.Engine, "engine", "e", nil, "search engine to query (shodan,shodan-idb,fofa,censys,quake,hunter,zoomeye,netlas,publicwww,criminalip,hunterhow,google,odin,binaryedge,onyphe,driftnet,greynoise) (default shodan)", goflags.FileNormalizedStringSliceOptions),
 		flagSet.StringSliceVarP(&options.AwesomeSearchQueries, "awesome-search-queries", "asq", nil, "use awesome search queries to discover exposed assets on the internet (example: -asq 'jira')", goflags.FileStringSliceOptions),
 	)
 
@@ -94,6 +95,7 @@ func ParseOptions() *Options {
 		flagSet.StringSliceVarP(&options.BinaryEdge, "binaryedge", "be", nil, "search query for binaryedge (example: -binaryedge 'query.txt')", goflags.FileStringSliceOptions),
 		flagSet.StringSliceVarP(&options.Onyphe, "onyphe", "on", nil, "search query for onyphe (example: -onyphe 'query.txt')", goflags.FileStringSliceOptions),
 		flagSet.StringSliceVarP(&options.Driftnet, "driftnet", "df", nil, "search query for driftnet (example: -driftnet 'query.txt')", goflags.FileStringSliceOptions),
+		flagSet.StringSliceVarP(&options.GreyNoise, "greynoise", "gn", nil, "search query for greynoise (example: -greynoise 'query.txt')", goflags.FileStringSliceOptions),
 	)
 
 	flagSet.CreateGroup("config", "Config",
@@ -169,7 +171,8 @@ func ParseOptions() *Options {
 		len(options.Odin),
 		len(options.BinaryEdge),
 		len(options.Onyphe),
-		len(options.Driftnet)) {
+		len(options.Driftnet),
+		len(options.GreyNoise)) {
 		options.Engine = append(options.Engine, "shodan")
 	}
 
@@ -241,7 +244,8 @@ func (options *Options) validateOptions() error {
 		len(options.Odin),
 		len(options.BinaryEdge),
 		len(options.Onyphe),
-		len(options.Driftnet)) {
+		len(options.Driftnet),
+		len(options.GreyNoise)) {
 		return errors.New("no query provided")
 	}
 
@@ -268,7 +272,8 @@ func (options *Options) validateOptions() error {
 		len(options.Odin),
 		len(options.BinaryEdge),
 		len(options.Onyphe),
-		len(options.Driftnet)) {
+		len(options.Driftnet),
+		len(options.GreyNoise)) {
 		return errors.New("no engine specified")
 	}
 
@@ -312,6 +317,7 @@ func appendAllQueries(options *Options) {
 	appendQuery(options, "binaryedge", options.BinaryEdge...)
 	appendQuery(options, "onyphe", options.Onyphe...)
 	appendQuery(options, "driftnet", options.Driftnet...)
+	appendQuery(options, "greynoise", options.GreyNoise...)
 }
 
 func (options *Options) useAwesomeSearchQueries(awesomeSearchQueries []string) error {