sercanarga
diff --git a/‎CHANGELOG.md‎
Lines changed: 56 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 56 additions & 0 deletions
diff --git a/‎CONTRIBUTING.md‎
Lines changed: 64 additions & 5 deletions b/‎CONTRIBUTING.md‎
Lines changed: 64 additions & 5 deletions
diff --git a/‎README.md‎
Lines changed: 28 additions & 99 deletions b/‎README.md‎
Lines changed: 28 additions & 99 deletions
diff --git a/‎VERSION‎
Lines changed: 1 addition & 0 deletions b/‎VERSION‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎build.ps1‎
Lines changed: 1 addition & 1 deletion b/‎build.ps1‎
Lines changed: 1 addition & 1 deletion
@@ -0,0 +1,56 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [2.2.1] - 2025-12-11
+
+### Added
+- **Referer Header Rotation**: Random referer from Google, Bing, DuckDuckGo for more realistic requests
+- **Smart Jitter Function**: `config.AddSmartJitter()` with occasional long pauses (1-3s) for natural patterns
+- **uTLS Transport**: Chrome 131 TLS fingerprint support (ready for integration)
+- New config constants: `DialTimeout`, `MaxJitterMs`
+- Unified RNG functions in config: `GetRandomInt`, `GetRandomString`, `ShuffleStrings`
+
+### Changed
+- Reduced jitter from 100-800ms to 0-200ms for faster scanning
+- Reduced timeouts for better performance:
+  - TLS handshake: 10s → 5s
+  - Response header: 10s → 5s
+  - Dial timeout: 10s → 5s
+  - Retry backoff: 500ms → 200ms
+- `ValidateTimeout` now uses `config.MinTimeout` constant
+- Updated GitHub URL to `sercanarga/ipmap`
+
+### Fixed
+- Domain resolution failure with uTLS HTTP/2 compatibility
+- Hardcoded timeout values now use config constants
+
+### Removed
+- ~500 lines of dead code from scanner.go
+- Unused uTLS dependencies (temporarily, readded for future use)
+
+## [2.0.0] - 2025-12-10
+
+### Added
+- Chrome 131 TLS fingerprint (JA3/JA4 spoofing)
+- Real Chrome header order for WAF bypass
+- Proxy support (HTTP/HTTPS/SOCKS5)
+- Custom DNS servers
+- Rate limiting (token bucket algorithm)
+- IP shuffling for firewall bypass
+- Graceful Ctrl+C handling with export option
+- Input validation for ASN, IP/CIDR formats
+- Verbose logging mode
+- JSON output format
+
+### Changed
+- Complete rewrite of HTTP client
+- Improved concurrent worker management
+- Better error handling and recovery
+
+---
+
+## Version History
+- **2.1.0**: Anti-detection improvements, performance optimization
+- **2.0.0**: Major rewrite with anti-detection features
+- **1.0.0**: Initial release
@@ -21,9 +21,10 @@ Thank you for your interest in contributing to ipmap! We welcome contributions f
 3. Make your changes
 4. Add or update tests as needed
 5. Ensure all tests pass (`go test ./... -v`)
-6. Commit your changes (`git commit -m 'Add amazing feature'`)
-7. Push to the branch (`git push origin feature/amazing-feature`)
-8. Open a Pull Request
+6. Run `go vet ./...` to check for issues
+7. Commit your changes (`git commit -m 'Add amazing feature'`)
+8. Push to the branch (`git push origin feature/amazing-feature`)
+9. Open a Pull Request
 
 ## Development Setup
 
@@ -33,33 +34,91 @@ git clone https://github.com/sercanarga/ipmap.git
 cd ipmap
 
 # Install dependencies
-go mod download
+go mod tidy
 
 # Build the project
 go build -o ipmap .
 
 # Run tests
 go test ./... -v
 
+# Run tests with coverage
+go test ./... -v -cover
+
+# Run static analysis
+go vet ./...
+
 # Run with verbose output
 ./ipmap -asn AS13335 -v
 ```
 
+## Project Structure
+
+```
+ipmap/
+├── main.go              # Entry point, CLI flags
+├── config/
+│   └── config.go        # Global config, RNG, jitter functions
+├── modules/
+│   ├── scanner.go       # Chrome 131 headers, uTLS transport
+│   ├── request.go       # HTTP client with retry
+│   ├── resolve_site.go  # Worker pool, IP scanning
+│   ├── get_site.go      # Site discovery per IP
+│   ├── validators.go    # Input validation
+│   ├── rate_limiter.go  # Token bucket rate limiter
+│   └── ...
+├── tools/
+│   ├── find_asn.go      # ASN scanning
+│   └── find_ip.go       # IP block scanning
+├── bin/                 # Cross-platform builds
+└── README.md
+```
+
 ## Code Style
 
 - Follow Go conventions and best practices
 - Use meaningful variable and function names
 - Add comments for exported functions and complex logic
 - Keep functions focused and concise
 - Run `go fmt` before committing
+- Run `go vet` to catch common issues
 
 ## Testing
 
 - Write tests for new features
 - Ensure all existing tests pass
-- Aim for good test coverage
+- Aim for good test coverage (current: ~30%)
 - Test edge cases and error conditions
+- Place tests in `*_test.go` files
+
+### Running Tests
+
+```bash
+# All tests
+go test ./... -v
+
+# Specific package
+go test ./modules -v
+
+# With coverage report
+go test ./... -v -cover
+
+# Run benchmarks
+go test ./... -bench=.
+```
+
+## Anti-Detection Guidelines
+
+When modifying the scanner module:
+
+1. **TLS Fingerprint**: Use `utls.HelloChrome_Auto` for latest Chrome fingerprint
+2. **Header Order**: Maintain exact Chrome header order (not alphabetical)
+3. **Accept-Encoding**: Include `zstd` for Chrome 131+
+4. **Jitter**: Use `config.AddJitter()` (0-200ms) or `config.AddSmartJitter()` (with occasional long pauses)
+5. **User-Agent**: Use Chrome 130+ versions only
+6. **Referer**: Rotate between Google, Bing, DuckDuckGo URLs
 
 ## License
 
 By contributing to ipmap, you agree that your contributions will be licensed under the MIT License.
+
@@ -7,7 +7,10 @@ An open-source, cross-platform powerful network analysis tool for discovering we
 - ASN scanning (Autonomous System Number) with IPv4/IPv6 support
 - IP block scanning (CIDR format)
 - HTTPS/HTTP automatic fallback
-- Firewall bypass techniques (IP shuffling, header randomization, jitter)
+- **Chrome 131 TLS Fingerprint** (JA3/JA4 spoofing via uTLS)
+- **Real Chrome Header Order** (WAF bypass optimized)
+- **Referer Header Rotation** (Google, Bing, DuckDuckGo)
+- Firewall bypass techniques (IP shuffling, header randomization, smart jitter)
 - Proxy support (HTTP/HTTPS/SOCKS5)
 - Custom DNS servers
 - Rate limiting (token bucket algorithm)
@@ -16,17 +19,27 @@ An open-source, cross-platform powerful network analysis tool for discovering we
 - Configurable concurrent workers (1-1000)
 - Real-time progress bar
 - Graceful Ctrl+C handling with result export
+- Input validation (ASN, IP/CIDR format checking)
+- Large CIDR block protection (max 1M IPs)
 
 ## Installation
 
-Download the latest version from [Releases](https://github.com/lordixir/ipmap/releases) and run:
-
+**From Releases:**
 ```bash
+# Download from releases
 unzip ipmap.zip
 chmod +x ipmap
 ./ipmap
 ```
 
+**Build from Source:**
+```bash
+git clone https://github.com/sercanarga/ipmap.git
+cd ipmap
+go mod tidy
+go build -o ipmap .
+```
+
 ## Usage
 
 ### Parameters
@@ -35,123 +48,39 @@ chmod +x ipmap
 -asn AS13335                         # Scan all IP blocks in the ASN
 -ip 103.21.244.0/22                  # Scan specified IP blocks
 -d example.com                       # Search for specific domain
--t 2000                              # Request timeout in milliseconds (auto-calculated if not set)
+-t 2000                              # Request timeout in ms (auto if not set)
 --export                             # Auto-export results
 -format json                         # Output format (text or json)
--workers 100                         # Number of concurrent workers (default: 100)
+-workers 100                         # Concurrent workers (default: 100)
 -v                                   # Verbose mode
--c                                   # Continue scanning until completion
+-c                                   # Continue until completion
 -proxy http://127.0.0.1:8080         # Proxy URL (HTTP/HTTPS/SOCKS5)
--rate 50                             # Rate limit (requests/second, 0 = unlimited)
--dns 8.8.8.8,1.1.1.1                # Custom DNS servers
+-rate 50                             # Rate limit (requests/sec, 0 = unlimited)
+-dns 8.8.8.8,1.1.1.1                 # Custom DNS servers
 ```
 
 ### Examples
 
-**Basic ASN scan (auto timeout):**
 ```bash
+# Basic ASN scan
 ipmap -asn AS13335
-```
 
-**Find domain in ASN:**
-```bash
+# Find domain in ASN
 ipmap -asn AS13335 -d example.com
-```
 
-**Scan IP blocks:**
-```bash
+# Scan IP blocks
 ipmap -ip 103.21.244.0/22,103.22.200.0/22
-```
 
-**High-performance scan:**
-```bash
+# High-performance scan
 ipmap -asn AS13335 -workers 200 -v
-```
-
-**Export results:**
-```bash
-ipmap -asn AS13335 -d example.com --export
-```
-
-**JSON output:**
-```bash
-ipmap -asn AS13335 -format json --export
-```
-
-## Proxy & Rate Limiting
-
-ipmap supports HTTP, HTTPS, and SOCKS5 proxies for anonymous scanning.
-
-**HTTP proxy:**
-```bash
-ipmap -asn AS13335 -proxy http://127.0.0.1:8080
-```
-
-**SOCKS5 proxy (Tor):**
-```bash
-ipmap -asn AS13335 -proxy socks5://127.0.0.1:9050
-```
 
-**Proxy with auth:**
-```bash
-ipmap -asn AS13335 -proxy http://user:[email protected]:8080
-```
-
-**Rate limiting:**
-```bash
-ipmap -asn AS13335 -rate 50 -workers 50
-```
+# With proxy and rate limiting
+ipmap -asn AS13335 -proxy socks5://127.0.0.1:9050 -rate 50
 
-**Full configuration:**
-```bash
+# Full configuration
 ipmap -asn AS13335 -d example.com -proxy http://127.0.0.1:8080 -rate 100 -workers 50 -dns 8.8.8.8 -v --export
 ```
 
-> **Note:** When using proxies, reduce worker count and enable rate limiting to avoid overwhelming the proxy.
-
-## Firewall Bypass Features
-
-ipmap includes built-in firewall bypass techniques:
-
-- **IP Shuffling:** Randomizes scan order to avoid sequential pattern detection
-- **Header Randomization:** Rotates User-Agent, Accept-Language, Chrome versions, platforms
-- **Request Jitter:** Adds random 0-50ms delay between requests
-- **Dynamic Timeout:** Auto-adjusts timeout based on worker count
-
-## Interrupt Handling (Ctrl+C)
-
-Press Ctrl+C during scan to:
-1. Immediately stop all scanning
-2. View found results count
-3. Option to export partial results
-
-## Building
-
-```bash
-git clone https://github.com/lordixir/ipmap.git
-cd ipmap
-go build -o ipmap .
-```
-
-## Testing
-
-```bash
-go test ./... -v
-```
-
-## Changelog (v2.0)
-
-- ✅ Added IP shuffling for firewall bypass
-- ✅ Added request jitter (0-50ms random delay)
-- ✅ Added header randomization (language, chrome version, platform)
-- ✅ Fixed Ctrl+C interrupt handling (immediate stop)
-- ✅ Added dynamic timeout calculation based on workers
-- ✅ Added IPv6 support for ASN scanning
-- ✅ Improved error logging
-- ✅ Fixed result collection bug with high workers
-- ✅ Removed gzip to fix response parsing
-- ✅ Added scan statistics at completion
-
 ## License
 
 This project is open-source and available under the MIT License.
 
@@ -0,0 +1 @@
+2.2.1
@@ -1,7 +1,7 @@
 # ipmap Multi-Platform Build Script
 # Builds for macOS (ARM64 + AMD64) and Linux (AMD64)
 
-$VERSION = "2.0"
+$VERSION = "2.2.1"
 $APP_NAME = "ipmap"
 $BUILD_DIR = "bin"