Merge pull request #656 from projectdiscovery/dev

v1.0.10

Author: dogancanbakir

.github/workflows/build-test.yml

@@ -14,7 +14,7 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, windows-latest, macOS-13]
-        go-version: [1.21.x]
+        go-version: [1.22.x]
     steps:
       - name: Set up Go
         uses: actions/setup-go@v4

.github/workflows/lint-test.yml

@@ -8,21 +8,15 @@ on:
   workflow_dispatch:
 
 jobs:
-  lint:
-    name: Lint Test
+  lint-test:
+    if: "! endsWith(github.actor, '[bot]')"
     runs-on: ubuntu-latest
     steps:
-      - name: Set up Go
-        uses: actions/setup-go@v4
-        with:
-          go-version: 1.21.x
-
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: projectdiscovery/actions/setup/go@v1
 
       - name: Run golangci-lint
-        uses: golangci/golangci-lint-action@v3.6.0
-        with:
-          version: latest
-          args: --timeout 5m
-          working-directory: .
+        uses: projectdiscovery/actions/golangci-lint@v1

.github/workflows/provider-integration.yml

@@ -13,7 +13,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v4
         with:
-          go-version: 1.21.x
+          go-version: 1.22.x
 
       - name: Check out code
         uses: actions/checkout@v3

.github/workflows/release-binary.yml

@@ -18,7 +18,7 @@ jobs:
       - name: "Set up Go"
         uses: actions/setup-go@v4
         with: 
-          go-version: 1.21.x
+          go-version: 1.22.x
 
       - name: "Create release on GitHub"
         uses: goreleaser/goreleaser-action@v4

.github/workflows/release-test.yml

@@ -20,7 +20,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v4
         with:
-          go-version: 1.21.x
+          go-version: 1.22.x
 
       - name: release test
         uses: goreleaser/goreleaser-action@v4

README.md

@@ -42,7 +42,7 @@
   - **[FOFA](https://fofa.info)**
   - **[Hunter](https://hunter.qianxin.com)**
   - **[Quake](https://quake.360.net/quake/#/index)**
-  - **[Zoomeye](https://www.zoomeye.org)**
+  - **ZoomEye [china](https://zoomeye.org) - [worldwide](https://zoomeye.hk)**
   - **[Netlas](https://netlas.io/)**
   - **[CriminalIP](https://www.criminalip.io)**
   - **[PublicWWW](https://publicwww.com)**
@@ -76,6 +76,7 @@ Flags:
 INPUT:
    -q, -query string[]   search query, supports: stdin,file,config input (example: -q 'example query', -q 'query.txt')
    -e, -engine string[]  search engine to query (shodan,shodan-idb,fofa,censys,quake,hunter,zoomeye,netlas,criminalip,publicwww,hunterhow,google) (default shodan)
+   -asq, -awesome-search-queries string[]  use awesome search queries to discover exposed assets on the internet (example: -asq 'jira')
 
 SEARCH-ENGINE:
    -s, -shodan string[]       search query for shodan (example: -shodan 'query.txt')
@@ -141,7 +142,7 @@ hunter:
   - HUNTER_API_KEY_1
   - HUNTER_API_KEY_2
 zoomeye:
-  - ZOOMEYE_API_KEY_1
+  - ZOOMEYE_API_KEY_1:zoomeye.hk
   - ZOOMEYE_API_KEY_2
 netlas:
   - NETLAS_API_KEY_1
@@ -181,7 +182,16 @@ export GOOGLE_API_KEY=xxx
 export GOOGLE_API_CX=xxx
 ```
 
-Required API keys can be obtained by signing up on following platform [Shodan](https://account.shodan.io/register), [Censys](https://censys.io/register), [Fofa](https://fofa.info/toLogin), [Quake](https://quake.360.net/quake/#/index), [Hunter](https://user.skyeye.qianxin.com/user/register?next=https%3A//hunter.qianxin.com/api/uLogin&fromLogin=1), [ZoomEye](https://www.zoomeye.org/login), [Netlas](https://app.netlas.io/registration/), [CriminalIP](https://www.criminalip.io/register), [Publicwww](https://publicwww.com/profile/signup.html) and Google [[1]](https://developers.google.com/custom-search/v1/introduction#identify_your_application_to_google_with_api_key),[[2]](https://programmablesearchengine.google.com/controlpanel/create).
+Required API keys can be obtained by signing up on following platform [Shodan](https://account.shodan.io/register), [Censys](https://censys.io/register), [Fofa](https://fofa.info/toLogin), [Quake](https://quake.360.net/quake/#/index), [Hunter](https://user.skyeye.qianxin.com/user/register?next=https%3A//hunter.qianxin.com/api/uLogin&fromLogin=1), ZoomEye [china](https://api.zoomeye.org) - [worldwide](https://api.zoomeye.hk), [Netlas](https://app.netlas.io/registration/), [CriminalIP](https://www.criminalip.io/register), [Publicwww](https://publicwww.com/profile/signup.html) and Google [[1]](https://developers.google.com/custom-search/v1/introduction#identify_your_application_to_google_with_api_key),[[2]](https://programmablesearchengine.google.com/controlpanel/create).
+
+
+### ZoomEye API
+
+ Before conducting any scans, please ensure you are using the correct host to comply with geographical access restrictions of the ZoomEye API:
+
+ - **zoomeye.org** is exclusively for users within China.
+ - **zoomeye.hk** is for users outside China (this is default if no host provided).
+
 
 ## Running Uncover
 

go.mod

@@ -1,45 +1,46 @@
 module github.com/projectdiscovery/uncover
 
-go 1.21
+go 1.22.0
 
 require (
 	github.com/hashicorp/golang-lru v0.5.4
 	github.com/julienschmidt/httprouter v1.3.0
 	github.com/logrusorgru/aurora v2.0.3+incompatible
+	github.com/projectdiscovery/awesome-search-queries v0.0.0-20241111181020-ad0097bd63a1
 	github.com/projectdiscovery/fdmax v0.0.4
-	github.com/projectdiscovery/goflags v0.1.57
-	github.com/projectdiscovery/gologger v1.1.13
+	github.com/projectdiscovery/goflags v0.1.70
+	github.com/projectdiscovery/gologger v1.1.43
 	github.com/projectdiscovery/mapcidr v1.1.34
-	github.com/projectdiscovery/ratelimit v0.0.45
-	github.com/projectdiscovery/retryablehttp-go v1.0.65
-	github.com/stretchr/testify v1.9.0
+	github.com/projectdiscovery/ratelimit v0.0.71
+	github.com/projectdiscovery/retryablehttp-go v1.0.98
+	github.com/stretchr/testify v1.10.0
 )
 
 require (
-	github.com/miekg/dns v1.1.56 // indirect
-	golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
-	golang.org/x/mod v0.13.0 // indirect
-	golang.org/x/tools v0.14.0 // indirect
+	github.com/miekg/dns v1.1.62 // indirect
+	golang.org/x/exp v0.0.0-20250106191152-7588d65b2ba8 // indirect
+	golang.org/x/mod v0.22.0 // indirect
+	golang.org/x/tools v0.29.0 // indirect
 )
 
 require (
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
 	github.com/aymerick/douceur v0.2.0 // indirect
 	github.com/cnf/structhash v0.0.0-20201127153200-e1b16c1ebc08 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/gorilla/css v1.0.0 // indirect
+	github.com/gorilla/css v1.0.1 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/microcosm-cc/bluemonday v1.0.25 // indirect
+	github.com/microcosm-cc/bluemonday v1.0.27 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/projectdiscovery/blackrock v0.0.1 // indirect
-	github.com/projectdiscovery/utils v0.1.4
+	github.com/projectdiscovery/utils v0.4.8
 	github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	golang.org/x/net v0.23.0 // indirect
-	golang.org/x/sys v0.18.0 // indirect
-	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/net v0.34.0 // indirect
+	golang.org/x/sys v0.29.0 // indirect
+	golang.org/x/text v0.21.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 
@@ -50,60 +51,56 @@ require (
 	github.com/Mzack9999/go-http-digest-auth-client v0.6.1-0.20220414142836-eb8883508809 // indirect
 	github.com/VividCortex/ewma v1.2.0 // indirect
 	github.com/akrylysov/pogreb v0.10.1 // indirect
-	github.com/alecthomas/chroma v0.10.0 // indirect
+	github.com/alecthomas/chroma/v2 v2.14.0 // indirect
 	github.com/andybalholm/brotli v1.0.6 // indirect
 	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
-	github.com/bits-and-blooms/bitset v1.13.0 // indirect
-	github.com/charmbracelet/glamour v0.6.0 // indirect
+	github.com/charmbracelet/glamour v0.8.0 // indirect
+	github.com/charmbracelet/lipgloss v0.13.0 // indirect
+	github.com/charmbracelet/x/ansi v0.3.2 // indirect
 	github.com/cheggaaa/pb/v3 v3.1.4 // indirect
 	github.com/cloudflare/circl v1.3.7 // indirect
 	github.com/dimchansky/utfbom v1.1.1 // indirect
-	github.com/dlclark/regexp2 v1.8.1 // indirect
+	github.com/dlclark/regexp2 v1.11.4 // indirect
 	github.com/docker/go-units v0.5.0 // indirect
 	github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect
 	github.com/fatih/color v1.15.0 // indirect
-	github.com/gaissmai/bart v0.9.5 // indirect
-	github.com/gaukas/godicttls v0.0.4 // indirect
-	github.com/go-logr/logr v1.4.1 // indirect
+	github.com/gaissmai/bart v0.17.8 // indirect
 	github.com/go-ole/go-ole v1.2.6 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
-	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/go-github/v30 v30.1.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
 	github.com/google/uuid v1.3.1 // indirect
-	github.com/klauspost/compress v1.16.7 // indirect
+	github.com/klauspost/compress v1.17.4 // indirect
 	github.com/klauspost/pgzip v1.2.5 // indirect
 	github.com/kr/pretty v0.3.1 // indirect
 	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
 	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
-	github.com/mattn/go-isatty v0.0.19 // indirect
-	github.com/mattn/go-runewidth v0.0.14 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mattn/go-runewidth v0.0.16 // indirect
 	github.com/mholt/archiver/v3 v3.5.1 // indirect
 	github.com/minio/selfupdate v0.6.1-0.20230907112617-f11e74f84ca7 // indirect
 	github.com/muesli/reflow v0.3.0 // indirect
-	github.com/muesli/termenv v0.15.1 // indirect
+	github.com/muesli/termenv v0.15.3-0.20240618155329-98d742f6907a // indirect
 	github.com/nwaples/rardecode v1.1.3 // indirect
-	github.com/olekukonko/tablewriter v0.0.5 // indirect
 	github.com/pierrec/lz4/v4 v4.1.2 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
-	github.com/projectdiscovery/fastdialer v0.1.5 // indirect
-	github.com/projectdiscovery/hmap v0.0.48 // indirect
+	github.com/projectdiscovery/fastdialer v0.3.0 // indirect
+	github.com/projectdiscovery/hmap v0.0.77 // indirect
 	github.com/projectdiscovery/machineid v0.0.0-20240226150047-2e2c51e35983 // indirect
-	github.com/projectdiscovery/networkpolicy v0.0.9 // indirect
-	github.com/projectdiscovery/retryabledns v1.0.65 // indirect
-	github.com/quic-go/quic-go v0.42.0 // indirect
-	github.com/refraction-networking/utls v1.5.4 // indirect
-	github.com/rivo/uniseg v0.4.4 // indirect
+	github.com/projectdiscovery/networkpolicy v0.1.3 // indirect
+	github.com/projectdiscovery/retryabledns v1.0.94 // indirect
+	github.com/refraction-networking/utls v1.6.7 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
 	github.com/shirou/gopsutil/v3 v3.23.7 // indirect
 	github.com/shoenig/go-m1cpu v0.1.6 // indirect
 	github.com/syndtr/goleveldb v1.0.0 // indirect
 	github.com/tidwall/btree v1.6.0 // indirect
 	github.com/tidwall/buntdb v1.3.0 // indirect
-	github.com/tidwall/gjson v1.16.0 // indirect
+	github.com/tidwall/gjson v1.18.0 // indirect
 	github.com/tidwall/grect v0.1.4 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.1 // indirect
@@ -114,15 +111,17 @@ require (
 	github.com/ulikunitz/xz v0.5.11 // indirect
 	github.com/weppos/publicsuffix-go v0.30.2-0.20230730094716-a20f9abcc222 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
-	github.com/yuin/goldmark v1.5.4 // indirect
-	github.com/yuin/goldmark-emoji v1.0.1 // indirect
+	github.com/yuin/goldmark v1.7.4 // indirect
+	github.com/yuin/goldmark-emoji v1.0.3 // indirect
 	github.com/yusufpapurcu/wmi v1.2.4 // indirect
 	github.com/zcalusic/sysinfo v1.0.2 // indirect
 	github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 // indirect
 	github.com/zmap/zcrypto v0.0.0-20230814193918-dbe676986518 // indirect
 	go.etcd.io/bbolt v1.3.7 // indirect
-	golang.org/x/crypto v0.21.0 // indirect
+	golang.org/x/crypto v0.32.0 // indirect
 	golang.org/x/oauth2 v0.18.0 // indirect
+	golang.org/x/sync v0.10.0 // indirect
+	golang.org/x/term v0.28.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
 	google.golang.org/protobuf v1.33.0 // indirect

go.sum

@@ -30,6 +30,8 @@ var (
 		"criminalip": criminalipTestcases{},
 		"hunterhow":  hunterhowTestcases{},
 		"google":     googleTestcases{},
+		"odin":       odinTestcases{},
+		"binaryedge": binaryedgeTestcases{},
 		// feature tests
 		"output": outputTestcases{},
 	}

integration-tests/integration-test.go

@@ -206,3 +206,42 @@ func (h googleTestcases) Execute() error {
 	}
 	return expectResultsGreaterThanCount(results, 0)
 }
+
+type odinTestcases struct{}
+
+func (h odinTestcases) Execute() error {
+	token := os.Getenv("ODIN_API_KEY")
+	if token == "" {
+		return errors.New("missing odin api key")
+	}
+	odinToken := fmt.Sprintf(`odin: [%s]`, token)
+	if err := os.WriteFile(ConfigFile, []byte(odinToken), 0644); err != nil {
+		return err
+	}
+	defer os.RemoveAll(ConfigFile)
+	results, err := testutils.RunUncoverAndGetResults(debug, "-odin", "nginx")
+
+	if err != nil {
+		return err
+	}
+	return expectResultsGreaterThanCount(results, 0)
+}
+
+type binaryedgeTestcases struct{}
+
+func (h binaryedgeTestcases) Execute() error {
+	token := os.Getenv("BINARYEDGE_API_KEY")
+	if token == "" {
+		return errors.New("missing binaryedge api key")
+	}
+
+	binaryedgeToken := fmt.Sprintf(`binaryedge: [%s]`, token)
+	_ = os.WriteFile(ConfigFile, []byte(binaryedgeToken), 0644)
+	defer os.RemoveAll(ConfigFile)
+	results, err := testutils.RunUncoverAndGetResults(debug, "-binaryedge", "1.1.1.1")
+
+	if err != nil {
+		return err
+	}
+	return expectResultsGreaterThanCount(results, 0)
+}

integration-tests/source-test.go

@@ -13,7 +13,7 @@ const banner = `
 `
 
 // Version is the current version of uncover
-const version = `v1.0.9`
+const version = `v1.0.10`
 
 // showBanner is used to show the banner to the user
 func showBanner() {

runner/banners.go

@@ -1,11 +1,14 @@
 package runner
 
 import (
+	"encoding/json"
 	"os"
 	"path/filepath"
+	"slices"
 
 	"errors"
 
+	awesomesearchqueries "github.com/projectdiscovery/awesome-search-queries"
 	"github.com/projectdiscovery/goflags"
 	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/gologger/formatter"
@@ -25,35 +28,38 @@ var (
 
 // Options contains the configuration options for tuning the enumeration process.
 type Options struct {
-	Query              goflags.StringSlice
-	Engine             goflags.StringSlice
-	ConfigFile         string
-	ProviderFile       string
-	OutputFile         string
-	OutputFields       string
-	JSON               bool
-	Raw                bool
-	Limit              int
-	Silent             bool
-	Verbose            bool
-	NoColor            bool
-	Timeout            int
-	RateLimit          int
-	RateLimitMinute    int
-	Retries            int
-	Shodan             goflags.StringSlice
-	ShodanIdb          goflags.StringSlice
-	Fofa               goflags.StringSlice
-	Censys             goflags.StringSlice
-	Quake              goflags.StringSlice
-	Netlas             goflags.StringSlice
-	Hunter             goflags.StringSlice
-	ZoomEye            goflags.StringSlice
-	CriminalIP         goflags.StringSlice
-	Publicwww          goflags.StringSlice
-	HunterHow          goflags.StringSlice
-	Google             goflags.StringSlice
-	DisableUpdateCheck bool
+	Query                goflags.StringSlice
+	Engine               goflags.StringSlice
+	AwesomeSearchQueries goflags.StringSlice
+	ConfigFile           string
+	ProviderFile         string
+	OutputFile           string
+	OutputFields         string
+	JSON                 bool
+	Raw                  bool
+	Limit                int
+	Silent               bool
+	Verbose              bool
+	NoColor              bool
+	Timeout              int
+	RateLimit            int
+	RateLimitMinute      int
+	Retries              int
+	Shodan               goflags.StringSlice
+	ShodanIdb            goflags.StringSlice
+	Fofa                 goflags.StringSlice
+	Censys               goflags.StringSlice
+	Quake                goflags.StringSlice
+	Netlas               goflags.StringSlice
+	Hunter               goflags.StringSlice
+	ZoomEye              goflags.StringSlice
+	CriminalIP           goflags.StringSlice
+	Publicwww            goflags.StringSlice
+	HunterHow            goflags.StringSlice
+	Google               goflags.StringSlice
+	Odin                 goflags.StringSlice
+	BinaryEdge           goflags.StringSlice
+	DisableUpdateCheck   bool
 }
 
 // ParseOptions parses the command line flags provided by a user
@@ -64,7 +70,8 @@ func ParseOptions() *Options {
 
 	flagSet.CreateGroup("input", "Input",
 		flagSet.StringSliceVarP(&options.Query, "query", "q", nil, "search query, supports: stdin,file,config input (example: -q 'example query', -q 'query.txt')", goflags.FileStringSliceOptions),
-		flagSet.StringSliceVarP(&options.Engine, "engine", "e", nil, "search engine to query (shodan,shodan-idb,fofa,censys,quake,hunter,zoomeye,netlas,publicwww,criminalip,hunterhow,google) (default shodan)", goflags.FileNormalizedStringSliceOptions),
+		flagSet.StringSliceVarP(&options.Engine, "engine", "e", nil, "search engine to query (shodan,shodan-idb,fofa,censys,quake,hunter,zoomeye,netlas,publicwww,criminalip,hunterhow,google,odin, binaryedge) (default shodan)", goflags.FileNormalizedStringSliceOptions),
+		flagSet.StringSliceVarP(&options.AwesomeSearchQueries, "awesome-search-queries", "asq", nil, "use awesome search queries to discover exposed assets on the internet (example: -asq 'jira')", goflags.FileStringSliceOptions),
 	)
 
 	flagSet.CreateGroup("search-engine", "Search-Engine",
@@ -80,6 +87,8 @@ func ParseOptions() *Options {
 		flagSet.StringSliceVarP(&options.Publicwww, "publicwww", "pw", nil, "search query for publicwww (example: -publicwww 'query.txt')", goflags.FileStringSliceOptions),
 		flagSet.StringSliceVarP(&options.HunterHow, "hunterhow", "hh", nil, "search query for hunterhow (example: -hunterhow 'query.txt')", goflags.FileStringSliceOptions),
 		flagSet.StringSliceVarP(&options.Google, "google", "gg", nil, "search query for google (example: -google 'query.txt')", goflags.FileStringSliceOptions),
+		flagSet.StringSliceVarP(&options.Odin, "odin", "od", nil, "search query for odin (example: -odin 'query.txt')", goflags.FileStringSliceOptions),
+		flagSet.StringSliceVarP(&options.BinaryEdge, "binaryedge", "be", nil, "search query for binaryedge (example: -binaryedge 'query.txt')", goflags.FileStringSliceOptions),
 	)
 
 	flagSet.CreateGroup("config", "Config",
@@ -150,7 +159,9 @@ func ParseOptions() *Options {
 		len(options.CriminalIP),
 		len(options.Publicwww),
 		len(options.HunterHow),
-		len(options.Google)) {
+		len(options.Google),
+		len(options.Odin),
+		len(options.BinaryEdge)) {
 		options.Engine = append(options.Engine, "shodan")
 	}
 
@@ -165,6 +176,12 @@ func ParseOptions() *Options {
 		}
 	}
 
+	if len(options.AwesomeSearchQueries) > 0 {
+		if err := options.useAwesomeSearchQueries(options.AwesomeSearchQueries); err != nil {
+			gologger.Fatal().Msgf("could not use awesome search queries: %s\n", err)
+		}
+	}
+
 	// Validate the options passed by the user and if any
 	// invalid options have been used, exit.
 	if err := options.validateOptions(); err != nil {
@@ -212,7 +229,9 @@ func (options *Options) validateOptions() error {
 		len(options.CriminalIP),
 		len(options.Publicwww),
 		len(options.HunterHow),
-		len(options.Google)) {
+		len(options.Google),
+		len(options.Odin),
+		len(options.BinaryEdge)) {
 		return errors.New("no query provided")
 	}
 
@@ -235,7 +254,9 @@ func (options *Options) validateOptions() error {
 		len(options.CriminalIP),
 		len(options.Publicwww),
 		len(options.HunterHow),
-		len(options.Google)) {
+		len(options.Google),
+		len(options.Odin),
+		len(options.BinaryEdge)) {
 		return errors.New("no engine specified")
 	}
 
@@ -250,8 +271,15 @@ func versionCallback() {
 
 func appendQuery(options *Options, name string, queries ...string) {
 	if len(queries) > 0 {
-		options.Engine = append(options.Engine, name)
-		options.Query = append(options.Query, queries...)
+		if !slices.Contains(options.Engine, name) {
+			options.Engine = append(options.Engine, name)
+		}
+
+		for _, query := range queries {
+			if !slices.Contains(options.Query, query) {
+				options.Query = append(options.Query, query)
+			}
+		}
 	}
 }
 
@@ -268,4 +296,30 @@ func appendAllQueries(options *Options) {
 	appendQuery(options, "publicwww", options.Publicwww...)
 	appendQuery(options, "hunterhow", options.HunterHow...)
 	appendQuery(options, "google", options.Google...)
+	appendQuery(options, "odin", options.Odin...)
+	appendQuery(options, "binaryedge", options.BinaryEdge...)
+}
+
+func (options *Options) useAwesomeSearchQueries(awesomeSearchQueries []string) error {
+	data, err := awesomesearchqueries.GetQueries()
+	if err != nil {
+		return err
+	}
+
+	var queries []awesomesearchqueries.Query
+	if err := json.Unmarshal(data, &queries); err != nil {
+		return err
+	}
+
+	// TODO: This is ugly. Improve this by adding direct query support in awesome-search-queries.
+	for _, query := range awesomeSearchQueries {
+		for _, engine := range queries {
+			if engine.Name == query {
+				for _, engine := range engine.Engines {
+					appendQuery(options, engine.Platform, engine.Queries...)
+				}
+			}
+		}
+	}
+	return nil
 }

runner/options.go

@@ -0,0 +1,75 @@
+package binaryedge
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"net/http"
+	"net/url"
+
+	"github.com/projectdiscovery/uncover/sources"
+)
+
+const (
+	URL  = "https://api.binaryedge.io/v2/query/ip/%s"
+	Size = 100
+)
+
+type Agent struct{}
+
+func (agent *Agent) Name() string {
+	return "binaryedge"
+}
+
+func (agent *Agent) Query(session *sources.Session, query *sources.Query) (chan sources.Result, error) {
+	if session.Keys.BinaryEdgeToken == "" {
+		return nil, errors.New("empty binaryedge token")
+	}
+
+	results := make(chan sources.Result)
+	go func() {
+		defer close(results)
+		agent.query(session, query.Query, results)
+	}()
+
+	return results, nil
+}
+
+func (agent *Agent) query(session *sources.Session, searchQuery string, results chan sources.Result) {
+	resp, err := agent.queryURL(session, URL, searchQuery)
+	if err != nil {
+		results <- sources.Result{Source: agent.Name(), Error: err}
+		return
+	}
+	defer resp.Body.Close()
+
+	var apiResponse BinaryedgeResponse
+	if err := json.NewDecoder(resp.Body).Decode(&apiResponse); err != nil {
+		results <- sources.Result{Source: agent.Name(), Error: err}
+		return
+	}
+
+	for _, event := range apiResponse.Events {
+		for _, item := range event.Results {
+			output := sources.Result{
+				Source: agent.Name(),
+				IP:     item.Target.IP,
+				Port:   item.Target.Port,
+			}
+			if raw, err := json.Marshal(item); err == nil {
+				output.Raw = raw
+			}
+			results <- output
+		}
+	}
+}
+
+func (agent *Agent) queryURL(session *sources.Session, baseURL, searchQuery string) (*http.Response, error) {
+	urlWithQuery := fmt.Sprintf(baseURL, url.QueryEscape(searchQuery))
+	request, err := sources.NewHTTPRequest(http.MethodGet, urlWithQuery, nil)
+	if err != nil {
+		return nil, err
+	}
+	request.Header.Set("X-Key", session.Keys.BinaryEdgeToken)
+	return session.Do(request, agent.Name())
+}

sources/agent/binaryedge/binaryedge.go

@@ -0,0 +1,32 @@
+package binaryedge
+
+type BinaryedgeResponse struct {
+    Total  int     `json:"total"`
+    Query  string  `json:"query"`
+    Events []BinaryedgeEvent `json:"events"`
+}
+
+type BinaryedgeEvent struct {
+    Results []BinaryedgeResult `json:"results"`
+    Port    int      `json:"port"`
+}
+
+type BinaryedgeResult struct {
+    Origin BinaryedgeOrigin `json:"origin"`
+    Target BinaryedgeTarget `json:"target"`
+}
+
+type BinaryedgeOrigin struct {
+    Module  string `json:"module"`
+    Port    int    `json:"port"`
+    IP      string `json:"ip"`
+    Type    string `json:"type"`
+    Ts      int64  `json:"ts"`
+    Country string `json:"country"`
+}
+
+type BinaryedgeTarget struct {
+    Protocol string `json:"protocol"`
+    Port     int    `json:"port"`
+    IP       string `json:"ip"`
+}

sources/agent/binaryedge/example.json

@@ -12,7 +12,9 @@ import (
 )
 
 const (
-	URL = "https://api.criminalip.io/v1/banner/search?query=%s&offset=%d"
+	URL        = "https://api.criminalip.io/v1/banner/search?query=%s&offset=%d"
+	offsetStep = 10
+	maxOffset  = 9900
 )
 
 type Agent struct{}
@@ -31,7 +33,8 @@ func (agent *Agent) Query(session *sources.Session, query *sources.Query) (chan
 		defer close(results)
 
 		numberOfResults := 0
-		currentPage := 1
+		currentPage := 0
+
 		for {
 			criminalipRequest := &CriminalIPRequest{
 				Query:  query.Query,
@@ -44,7 +47,14 @@ func (agent *Agent) Query(session *sources.Session, query *sources.Query) (chan
 			}
 
 			numberOfResults += len(criminalipResponse.Data.Result)
-			currentPage++
+
+			nextOffset := currentPage + offsetStep
+
+			if nextOffset > maxOffset {
+				break
+			}
+
+			currentPage = nextOffset
 
 			if numberOfResults > query.Limit || criminalipResponse.Data.Count == 0 || len(criminalipResponse.Data.Result) == 0 {
 				break
@@ -85,7 +95,7 @@ func (agent *Agent) query(URL string, session *sources.Session, criminalipReques
 			result.IP = criminalipResult.IP
 			result.Port = criminalipResult.Port
 			result.Host = criminalipResult.Domain
-			raw, _ := json.Marshal(result)
+			raw, _ := json.Marshal(criminalipResult)
 			result.Raw = raw
 			results <- result
 		}

sources/agent/binaryedge/response.go

@@ -83,7 +83,7 @@ func (agent *Agent) query(URL string, session *sources.Session, fofaRequest *Fof
 		return nil
 	}
 	if fofaResponse.Error {
-		results <- sources.Result{Source: agent.Name(), Error: fmt.Errorf(fofaResponse.ErrMsg)}
+		results <- sources.Result{Source: agent.Name(), Error: fmt.Errorf("%s", fofaResponse.ErrMsg)}
 		return nil
 	}
 
@@ -92,7 +92,7 @@ func (agent *Agent) query(URL string, session *sources.Session, fofaRequest *Fof
 		result.IP = fofaResult[0]
 		result.Port, _ = strconv.Atoi(fofaResult[1])
 		result.Host = fofaResult[2]
-		raw, _ := json.Marshal(result)
+		raw, _ := json.Marshal(fofaResult)
 		result.Raw = raw
 		results <- result
 	}

sources/agent/criminalip/criminalip.go

@@ -104,7 +104,7 @@ func (agent *Agent) query(session *sources.Session, googleRequest *Request, resu
 			result.Url = googleResult.Link
 			result.Host = agent.parseLink(googleResult.Link)
 			result.IP = googleResult.Link
-			raw, _ := json.Marshal(result)
+			raw, _ := json.Marshal(googleResult)
 			result.Raw = raw
 			results <- result
 			lines = append(lines, googleResult.Link)

sources/agent/fofa/fofa.go

@@ -76,7 +76,7 @@ func (agent *Agent) query(URL string, session *sources.Session, hunterRequest *R
 			result.IP = hunterResult.IP
 			result.Port = hunterResult.Port
 			result.Host = hunterResult.Domain
-			raw, _ := json.Marshal(result)
+			raw, _ := json.Marshal(hunterResult)
 			result.Raw = raw
 			results <- result
 		}

sources/agent/google/google.go

@@ -86,7 +86,7 @@ func (agent *Agent) query(URL string, session *sources.Session, results chan sou
 		result.Host = data.Domain
 		result.IP = data.IP
 		result.Port = data.Port
-		raw, _ := json.Marshal(result)
+		raw, _ := json.Marshal(data)
 		result.Raw = raw
 		results <- result
 		lines = append(lines, data.Domain)

sources/agent/hunter/hunter.go

@@ -72,7 +72,7 @@ func (agent *Agent) query(URL string, session *sources.Session, results chan sou
 		result.IP = netlasResult.Data.IP
 		result.Port = netlasResult.Data.Port
 		result.Host = netlasResult.Data.Host
-		raw, _ := json.Marshal(result)
+		raw, _ := json.Marshal(netlasResult)
 		result.Raw = raw
 		results <- result
 	}

sources/agent/hunterhow/hunterhow.go

@@ -0,0 +1,116 @@
+package odin
+
+import (
+	"bytes"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"net/http"
+
+	"github.com/projectdiscovery/uncover/sources"
+)
+
+type Agent struct{}
+
+const (
+	OdinAPIURL = "https://api.odin.io/v1/hosts/search"
+)
+
+type OdinRequest struct {
+	Limit int       `json:"limit"`
+	Query string    `json:"query"`
+	Start []float64 `json:"start,omitempty"`
+}
+
+func (agent *Agent) Name() string {
+	return "odin"
+}
+
+func (agent *Agent) Query(session *sources.Session, query *sources.Query) (chan sources.Result, error) {
+	if session.Keys.OdinToken == "" {
+		return nil, errors.New("empty odin token")
+	}
+
+	results := make(chan sources.Result)
+
+	go func() {
+		defer close(results)
+
+		totalFetched := 0
+		var startCursor []float64
+
+		for {
+			reqBody := OdinRequest{
+				Limit: query.Limit,
+				Query: query.Query,
+			}
+			if len(startCursor) == 2 {
+				reqBody.Start = startCursor
+			}
+			odinResp := agent.query(session, &reqBody, results)
+			if odinResp == nil {
+				break
+			}
+
+			countData := len(odinResp.Data)
+			totalFetched += countData
+
+			if countData == 0 {
+				break
+			}
+			startCursor = odinResp.Pagination.Last
+
+			if totalFetched >= query.Limit || totalFetched >= odinResp.Pagination.Total {
+				break
+			}
+		}
+	}()
+
+	return results, nil
+}
+
+func (agent *Agent) query(session *sources.Session, odinReq *OdinRequest, results chan sources.Result) *OdinResponse {
+	reqBody, err := json.Marshal(odinReq)
+	if err != nil {
+		results <- sources.Result{Source: agent.Name(), Error: fmt.Errorf("failed to marshal request: %v", err)}
+		return nil
+	}
+
+	httpReq, err := sources.NewHTTPRequest(http.MethodPost, OdinAPIURL, bytes.NewReader(reqBody))
+	if err != nil {
+		results <- sources.Result{Source: agent.Name(), Error: err}
+		return nil
+	}
+
+	httpReq.Header.Set("X-API-Key", session.Keys.OdinToken)
+	httpReq.Header.Set("Content-Type", "application/json")
+
+	resp, err := session.Do(httpReq, agent.Name())
+	if err != nil {
+		results <- sources.Result{Source: agent.Name(), Error: err}
+		return nil
+	}
+	defer resp.Body.Close()
+
+	var odinResp OdinResponse
+	if err := json.NewDecoder(resp.Body).Decode(&odinResp); err != nil {
+		results <- sources.Result{Source: agent.Name(), Error: fmt.Errorf("failed to decode odin response: %v", err)}
+		return nil
+	}
+
+	for _, host := range odinResp.Data {
+		for _, svc := range host.Services {
+			result := sources.Result{
+				Source: agent.Name(),
+				IP:     host.IP,
+				Port:   svc.Port,
+			}
+			rawBytes, _ := json.Marshal(host)
+			result.Raw = rawBytes
+
+			results <- result
+		}
+	}
+
+	return &odinResp
+}

sources/agent/netlas/netlas.go

@@ -0,0 +1,30 @@
+package odin
+
+type OdinResponse struct {
+	Success    bool       `json:"success"`
+	Pagination Pagination `json:"pagination"`
+	Data       []HostData `json:"data"`
+}
+
+type Pagination struct {
+	Start []float64 `json:"start"`
+	Last  []float64 `json:"last"`
+	Limit int       `json:"limit"`
+	Total int       `json:"total"`
+}
+
+type HostData struct {
+	ScanID        int64     `json:"scan_id"`
+	IP            string    `json:"ip"`
+	IsIPv4        bool      `json:"is_ipv4"`
+	IsIPv6        bool      `json:"is_ipv6"`
+	Services      []Service `json:"services"`
+	LastUpdatedAt string    `json:"last_updated_at"`
+}
+
+type Service struct {
+	Port          int    `json:"port"`
+	Protocol      string `json:"protocol"`
+	Name          string `json:"name"`
+	LastUpdatedAt string `json:"last_updated_at"`
+}

sources/agent/odin/example.json

@@ -96,7 +96,7 @@ func (agent *Agent) query(URL string, session *sources.Session, results chan sou
 				}
 				result.Host = hostname
 				result.Url = record[0]
-				raw, _ := json.Marshal(result)
+				raw, _ := json.Marshal(record)
 				result.Raw = raw
 				results <- result
 				lines = append(lines, trimmedLine)

sources/agent/odin/odin.go

@@ -95,7 +95,7 @@ func (agent *Agent) query(URL string, session *sources.Session, quakeRequest *Re
 		result.IP = quakeResult.IP
 		result.Port = quakeResult.Port
 		result.Host = quakeResult.Hostname
-		raw, _ := json.Marshal(result)
+		raw, _ := json.Marshal(quakeResult)
 		result.Raw = raw
 		results <- result
 	}

sources/agent/odin/response.go

@@ -3,18 +3,18 @@ package zoomeye
 import (
 	"encoding/json"
 	"fmt"
-	"strings"
 	"net/http"
 	"net/url"
 	"strconv"
+	"strings"
 
 	"errors"
 
 	"github.com/projectdiscovery/uncover/sources"
 )
 
 var (
-	URL = "https://api.zoomeye.org/host/search?query=%s&page=%d"
+	URL = "https://api.zoomeye.hk/host/search?query=%s&page=%d"
 )
 
 type Agent struct{}
@@ -25,7 +25,7 @@ func (agent *Agent) Name() string {
 
 func (agent *Agent) Query(session *sources.Session, query *sources.Query) (chan sources.Result, error) {
 	if session.Keys.ZoomEyeHost != "" {
-		URL = strings.Replace(URL, "zoomeye.org", session.Keys.ZoomEyeHost, 1)
+		URL = strings.Replace(URL, "zoomeye.hk", session.Keys.ZoomEyeHost, 1)
 	}
 
 	if session.Keys.ZoomEyeToken == "" {

sources/agent/publicwww/publicwww.go

@@ -16,6 +16,8 @@ type Keys struct {
 	HunterHowToken  string
 	GoogleKey       string
 	GoogleCX        string
+	OdinToken       string
+	BinaryEdgeToken string
 }
 
 func (keys Keys) Empty() bool {
@@ -33,5 +35,7 @@ func (keys Keys) Empty() bool {
 		keys.PublicwwwToken == "" &&
 		keys.HunterHowToken == "" &&
 		keys.GoogleKey == "" &&
-		keys.GoogleCX == ""
+		keys.GoogleCX == "" &&
+		keys.OdinToken == "" &&
+		keys.BinaryEdgeToken == ""
 }

sources/agent/quake/quake.go

@@ -32,6 +32,8 @@ type Provider struct {
 	Publicwww  []string `yaml:"publicwww"`
 	HunterHow  []string `yaml:"hunterhow"`
 	Google     []string `yaml:"google"`
+	Odin       []string `yaml:"odin"`
+	BinaryEdge []string `yaml:"binaryedge"`
 }
 
 // NewProvider loads provider keys from default location and env variables
@@ -80,8 +82,8 @@ func (provider *Provider) GetKeys() Keys {
 	if len(provider.ZoomEye) > 0 {
 		zoomeye := provider.ZoomEye[rand.Intn(len(provider.ZoomEye))]
 		parts := strings.Split(zoomeye, ":")
+		keys.ZoomEyeToken = parts[0]
 		if len(parts) == 2 {
-			keys.ZoomEyeToken = parts[0]
 			keys.ZoomEyeHost = parts[1]
 		}
 	}
@@ -108,6 +110,12 @@ func (provider *Provider) GetKeys() Keys {
 			keys.GoogleCX = parts[1]
 		}
 	}
+	if len(provider.Odin) > 0 {
+		keys.OdinToken = provider.Odin[rand.Intn(len(provider.Odin))]
+	}
+	if len(provider.BinaryEdge) > 0 {
+		keys.BinaryEdgeToken = provider.BinaryEdge[rand.Intn(len(provider.BinaryEdge))]
+	}
 
 	return keys
 }
@@ -153,6 +161,8 @@ func (provider *Provider) LoadProviderKeysFromEnv() {
 	provider.Fofa = appendIfAllExists(provider.Fofa, "FOFA_EMAIL", "FOFA_KEY")
 	provider.Censys = appendIfAllExists(provider.Censys, "CENSYS_API_ID", "CENSYS_API_SECRET")
 	provider.Google = appendIfAllExists(provider.Google, "GOOGLE_API_KEY", "GOOGLE_API_CX")
+	provider.Odin = appendIfExists(provider.Odin, "ODIN_API_KEY")
+	provider.BinaryEdge = appendIfExists(provider.BinaryEdge, "BINARYEDGE_API_KEY")
 }
 
 // HasKeys returns true if at least one agent/source has keys
@@ -169,6 +179,8 @@ func (provider *Provider) HasKeys() bool {
 		len(provider.HunterHow) > 0,
 		len(provider.Google) > 0,
 		len(provider.Publicwww) > 0,
+		len(provider.Odin) > 0,
+		len(provider.BinaryEdge) > 0,
 	)
 }
 

sources/agent/zoomeye/zoomeye.go

@@ -28,6 +28,8 @@ var DefaultRateLimits = map[string]*ratelimit.Options{
 	"publicwww":  {Key: "publicwww", MaxCount: 1, Duration: time.Minute},
 	"hunterhow":  {Key: "hunterhow", MaxCount: 1, Duration: 3 * time.Second},
 	"google":     {Key: "google", MaxCount: 1, Duration: 3 * time.Second},
+	"odin":       {Key: "odin", MaxCount: 1, Duration: time.Second},
+	"binaryedge": {Key: "binaryedge", MaxCount: 1, Duration: time.Second},
 }
 
 // Session handles session agent sessions

sources/keys.go

@@ -7,18 +7,21 @@ import (
 
 	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/uncover/sources"
+	"github.com/projectdiscovery/uncover/sources/agent/binaryedge"
 	"github.com/projectdiscovery/uncover/sources/agent/censys"
 	"github.com/projectdiscovery/uncover/sources/agent/criminalip"
 	"github.com/projectdiscovery/uncover/sources/agent/fofa"
 	"github.com/projectdiscovery/uncover/sources/agent/google"
 	"github.com/projectdiscovery/uncover/sources/agent/hunter"
 	"github.com/projectdiscovery/uncover/sources/agent/hunterhow"
 	"github.com/projectdiscovery/uncover/sources/agent/netlas"
+	"github.com/projectdiscovery/uncover/sources/agent/odin"
 	"github.com/projectdiscovery/uncover/sources/agent/publicwww"
 	"github.com/projectdiscovery/uncover/sources/agent/quake"
 	"github.com/projectdiscovery/uncover/sources/agent/shodan"
 	"github.com/projectdiscovery/uncover/sources/agent/shodanidb"
 	"github.com/projectdiscovery/uncover/sources/agent/zoomeye"
+
 	errorutil "github.com/projectdiscovery/utils/errors"
 	stringsutil "github.com/projectdiscovery/utils/strings"
 )
@@ -75,6 +78,10 @@ func New(opts *Options) (*Service, error) {
 			s.Agents = append(s.Agents, &hunterhow.Agent{})
 		case "google":
 			s.Agents = append(s.Agents, &google.Agent{})
+		case "odin":
+			s.Agents = append(s.Agents, &odin.Agent{})
+		case "binaryedge":
+			s.Agents = append(s.Agents, &binaryedge.Agent{})
 		}
 	}
 	s.Provider = sources.NewProvider()
@@ -179,7 +186,7 @@ func (s *Service) ExecuteWithCallback(ctx context.Context, callback func(result
 // AllAgents returns all supported uncover Agents
 func (s *Service) AllAgents() []string {
 	return []string{
-		"shodan", "censys", "fofa", "shodan-idb", "quake", "hunter", "zoomeye", "netlas", "criminalip", "publicwww", "hunterhow", "google",
+		"shodan", "censys", "fofa", "shodan-idb", "quake", "hunter", "zoomeye", "netlas", "criminalip", "publicwww", "hunterhow", "google", "odin", "binaryedge",
 	}
 }