0a50fb4eb5
chore(release): goreleaser + CI workflows + v2 demo GIFs
...
Release infrastructure:
- .goreleaser.yml: builds 5-platform binaries (darwin/linux/windows
x amd64/arm64), SHA-256 checksums, pre-release detection for -rc tags
- .github/workflows/release.yml: runs on any 'v*' tag — test -> build
-> publish via goreleaser-action
- .github/workflows/ci.yml: test + vet + race detector on every push
to main / v2-* and every PR
- .gitignore: extended to cover scan artifacts (gods-eye-*.json,
report-*.json, *.stderr), YAML configs (god-eye.yaml, .god-eye.yaml),
IDE state (.idea, .vscode, .cursor), Claude Code working notes
(CLAUDE.md, .claude/), and the /god-eye build artifact
Demo GIFs recorded live against scanme.nmap.org (Nmap's authorized
test host):
- assets/wizard-demo.gif (272 KB): interactive setup walkthrough
- assets/live-scan.gif (37 KB): colorized event stream
- assets/ai-verbose.gif (122 KB): full AI cascade + end-of-scan brief
Legacy v0.1 assets removed:
- assets/demo.gif
- assets/demo-ai.gif
2026-04-18 16:49:29 +02:00
b1bf119c82
v0.1.1: Major AI improvements, new security modules, and documentation fixes
...
## AI & CVE Improvements
- Fix AI report to display actual subdomain names instead of generic placeholders
- Add 10-year CVE filter to reduce false positives from outdated vulnerabilities
- Integrate CISA KEV (Known Exploited Vulnerabilities) database support
- Improve AI analysis prompt for more accurate security findings
## New Security Modules
- Add wildcard DNS detection with multi-phase validation (DNS + HTTP)
- Add TLS certificate analyzer for certificate chain inspection
- Add comprehensive rate limiting module for API requests
- Add retry mechanism with exponential backoff
- Add stealth mode for reduced detection during scans
- Add progress tracking module for better UX
## Code Refactoring
- Extract scanner output logic to dedicated module
- Add base source interface for consistent passive source implementation
- Reduce admin panel paths to common generic patterns only
- Improve HTTP client with connection pooling
- Add JSON output formatter
## Documentation Updates
- Correct passive source count to 20 (was incorrectly stated as 34)
- Fix AI model names: deepseek-r1:1.5b (fast) + qwen2.5-coder:7b (deep)
- Update all markdown files for consistency
- Relocate demo GIFs to assets/ directory
- Add benchmark disclaimer for test variability
## Files Changed
- 4 documentation files updated (README, AI_SETUP, BENCHMARK, EXAMPLES)
- 11 new source files added
- 12 existing files modified
2025-11-21 12:00:58 +01:00
14718dd75f
🚀 God's Eye v0.1 - Initial Release
...
God's Eye is an ultra-fast subdomain enumeration and reconnaissance tool with AI-powered security analysis.
## ✨ Key Features
### 🔍 Comprehensive Enumeration
- 20+ passive sources (crt.sh, Censys, URLScan, etc.)
- DNS brute-force with smart wordlists
- Wildcard detection and filtering
- 1000 concurrent workers for maximum speed
### 🌐 Deep Reconnaissance
- HTTP probing with 13+ security checks
- Port scanning (configurable)
- TLS/SSL fingerprinting
- Technology detection (Wappalyzer-style)
- WAF detection (Cloudflare, Akamai, etc.)
- Security header analysis
- JavaScript secrets extraction
- Admin panel & API discovery
- Backup file detection
- robots.txt & sitemap.xml checks
### 🎯 Subdomain Takeover Detection
- 110+ fingerprints (AWS, Azure, GitHub Pages, Heroku, etc.)
- CNAME validation
- Dead DNS detection
### 🤖 AI-Powered Analysis (NEW!)
- Local AI using Ollama - No API costs, complete privacy
- Real-time CVE detection via function calling (queries NVD database)
- Cascade architecture: phi3.5 (fast triage) + qwen2.5-coder (deep analysis)
- JavaScript security analysis
- HTTP response anomaly detection
- Executive summary reports
### 📊 Output Formats
- Pretty terminal output with colors
- JSON export
- CSV export
- TXT (simple subdomain list)
- Silent mode for piping
## 🚀 Installation
bash
go install github.com/Vyntral/god-eye@latest
## 📖 Quick Start
bash
# Basic scan
god-eye -d example.com
# With AI analysis
god-eye -d example.com --enable-ai
# Only active hosts
god-eye -d example.com --active
# Export to JSON
god-eye -d example.com -o results.json -f json
## 🎯 Use Cases
- Bug bounty reconnaissance
- Penetration testing
- Security audits
- Attack surface mapping
- Red team operations
## ⚠️ Legal Notice
This tool is for authorized security testing only. Users must obtain explicit permission before scanning any targets. Unauthorized access is illegal.
## 📄 License
MIT License with additional security tool terms - see LICENSE file
## 🙏 Credits
Built with ❤️ by Vyntral for Orizon
Powered by Go, Ollama, and the security community
---
🤖 Generated with Claude Code
https://claude.com/claude-code
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-20 10:41:05 +01:00
Vyntral