Release v4.3.0: Massive Power Boost & Code Organization

Author: lucasenlucas

Makefile

@@ -1,7 +1,7 @@
 .PHONY: build clean
 
 APP_NAME=netscope
-VERSION=4.1.1
+VERSION=4.3.0
 
 build:
 	go build -ldflags "-s -w -X main.version=${VERSION}" -o ${APP_NAME} *.go

README.md

@@ -1,15 +1,16 @@
-# NetScope (v4.1.1)
+# NetScope (v4.3.0)
 Formerly known as Lucas Kit, UltraDNS, and SiteStress.
 
-NetScope is an all-in-one DNS and HTTP analytical engine, combining advanced network enumeration capabilities with Layer 7 volumetric stress testing functionalities.
+NetScope is an all-in-one DNS and HTTP discovery engine, combining advanced network enumeration capabilities with Layer 7 volumetric stress testing functionalities.
 
 **Author**: Lucas Mangroelal | [lucasmangroelal.nl](https://lucasmangroelal.nl)
 
 ## Features
 - **DNS Enumeration (`-inf`, `-whois`, `-subs`)**: Perform comprehensive DNS mapping, Certificate Transparency log parsing, and Mail Security (SPF, DKIM, DMARC) validation.
 - **Web Analytics (`-http`, `-tls`, `-headers`, `-ports`, `-paths`)**: Scan web infrastructures for missing security headers, open administrative ports, sensitive configuration paths, permissive CORS, insecure cookies, and more.
+- **Discovery & Analyser (`-dir`, `-params`, `-cms`)**: Discover hidden directories, files, and parameters. Perform deep CMS & Plugin analysis for WordPress, Joomla, and more.
+- **Powerful L7 Stress Testing (`-t`, `-c`, `-level`)**: Multi-threaded HTTP/HTTPS volumetric stress tester with randomized Referrers, User-Agents, and Cache-Bypassing logic to assess CDN resilience.
 - **Bot Detection (`-crawlers`)**: Verify if robots.txt properly mitigates AI aggregator/spider indexing.
-- **L7 Stress Testing (`-t`, `-c`, `-level`)**: Multi-threaded HTTP/HTTPS volumetric stress tester meant for assessing CDN mitigations and load balancer configurations.
 
 ## Installation
 

discovery_wizard.go

@@ -0,0 +1,68 @@
+package main
+
+import (
+	"fmt"
+	"os"
+)
+
+func runDiscoveryWizard(o options) {
+	fmt.Println("Welkom bij de NetScope Discovery Wizard!")
+	fmt.Println("Ik help je om snel de juiste scan-instellingen te kiezen.")
+
+	// Step 1: Target Domain
+	domainLabel := "Op welk domein wil je de analyse uitvoeren?"
+	domainExpl := "Het domein is het adres van de website (bijv. example.com). Voer de naam in zonder http:// of https://."
+	domainChatGPT := "Ik ben bezig met een security-analyse van mijn eigen omgeving. Hoe identificeer ik het hoofddomein van een webserver voor technische scouting?"
+
+	for o.domain == "" {
+		o.domain = promptInput(domainLabel, domainExpl, domainChatGPT)
+		if o.domain == "" {
+			fmt.Println("[!] Oeps! Je moet wel een domein opgeven om verder te gaan.")
+		}
+	}
+	o.domain = normalizeDomain(o.domain)
+
+	// Step 2: Discovery Mode Selection
+	discoveryOptions := []string{
+		"Basis Scan (DNS, Security Headers, WHOIS)",
+		"Directory & File Discovery (Bestandsscan)",
+		"Parameter Discovery (Verborgen parameters)",
+		"CMS & Plugin Analysis (WordPress/Joomla)",
+		"Full Discovery (Alles hierboven)",
+	}
+
+	choice := promptMenu("Welke analyse-modus wil je starten?", discoveryOptions)
+
+	switch choice {
+	case 0:
+		o.inf = true
+		o.headersCheck = true
+		o.whois = true
+	case 1:
+		o.dirCheck = true
+	case 2:
+		o.paramsCheck = true
+	case 3:
+		o.cmsCheck = true
+	case 4:
+		o.inf = true
+		o.dirCheck = true
+		o.paramsCheck = true
+		o.cmsCheck = true
+		o.headersCheck = true
+	}
+
+	// Step 3: Final Confirmation
+	fmt.Printf("\n--- Configuratie Compleet ---\n")
+	fmt.Printf("Doelwit:  %s\n", o.domain)
+	fmt.Printf("Modus:    %s\n", discoveryOptions[choice])
+
+	confirm := promptInput("Alles naar wens? (druk op Enter om te starten, of 'n' om te stoppen)", "", "")
+	if confirm == "n" || confirm == "N" {
+		fmt.Println("Analyse afgebroken. Tot de volgende keer!")
+		os.Exit(0)
+	}
+
+	fmt.Println("\n🚀 We gaan beginnen! NetScope modules worden geladen...")
+	runUnifiedAnalysis(o)
+}

main.go

@@ -4,28 +4,11 @@ import (
 	"flag"
 	"fmt"
 	"os"
-	"runtime"
 	"strings"
 	"time"
 )
 
-const version = "4.1.1"
-
-func printBanner() {
-	banner := `
-    _   __     __  _____                     
-   / | / /__  / /_/ ___/_________  ____  ___ 
-  /  |/ / _ \/ __/\__ \/ ___/ __ \/ __ \/ _ \
- / /|  /  __/ /_ ___/ / /__/ /_/ / /_/ /  __/
-/_/ |_/\___/\__//____/\___/\____/ .___/\___/ 
-                               /_/           
-`
-	fmt.Println(banner)
-	fmt.Println("NetScope is made by Lucas Mangroelal | lucasmangroelal.nl")
-	fmt.Printf("Version: %s | Platform: %s/%s\n", version, runtime.GOOS, runtime.GOARCH)
-	fmt.Println("💡 [TIP]: Gebruik '-brute -cms' voor de ultieme aanval op WordPress sites!")
-	fmt.Println("")
-}
+const version = "4.3.0"
 
 type options struct {
 	domain  string
@@ -70,9 +53,6 @@ type options struct {
 	dirCheck    bool
 	paramsCheck bool
 	cmsCheck    bool
-	bruteCheck  bool
-	wordlist    string
-	username    string
 
 	// Stress Test Flags
 	measure       bool
@@ -139,10 +119,7 @@ func main() {
 	// Vulnerability & SecLists
 	flag.BoolVar(&o.dirCheck, "dir", false, "Uitgebreide Directory & File Busting (SecLists)")
 	flag.BoolVar(&o.paramsCheck, "params", false, "Verborgen Parameter Discovery fuzzing")
-	flag.BoolVar(&o.cmsCheck, "cms", false, "CMS Vulnerability Scanner (WordPress, Joomla, etc)")
-	flag.BoolVar(&o.bruteCheck, "brute", false, "Credential Brute-Forcing (SecLists)")
-	flag.StringVar(&o.wordlist, "w", "", "Eigen lokale wordlist gebruiken (overschrijft SecLists download)")
-	flag.StringVar(&o.username, "u", "", "Gebruikersnaam voor credential brute-forcing")
+	flag.BoolVar(&o.cmsCheck, "cms", false, "CMS Discovery Scanner (WordPress, Joomla, etc)")
 
 	// Stress Test
 	flag.BoolVar(&o.measure, "measure", false, "Meet de bereikbaarheid/latency van de site")
@@ -153,7 +130,7 @@ func main() {
 	flag.BoolVar(&o.noKeepAlive, "no-keepalive", false, "Schakel Keep-Alive uit bij stress test (verzadigt sockets sneller)")
 
 	flag.Usage = func() {
-		printBanner()
+		printBanner(version)
 		fmt.Fprintf(os.Stderr, "Gebruik: netscope -d <domein> [flags]\n\n")
 
 		printBoxedSection("🎯 ALGEMEEN & DOELWIT", []flagHelp{
@@ -190,13 +167,10 @@ func main() {
 			{"-crawlers", "Controleer of de applicatie data-scraping door AI (LLM Bot) blokkeert"},
 		})
 
-		printBoxedSection("🔥 VULNERABILITY & BRUTE-FORCING", []flagHelp{
+		printBoxedSection("🔍 DISCOVERY & ANALYSE", []flagHelp{
 			{"-dir", "Uitgebreide Directory & File Busting (downloadt SecLists)"},
 			{"-params", "Verborgen Parameter Discovery (Fuzzing)"},
-			{"-cms", "Agressieve CMS kwetsbaarhedenscan (WP/Joomla)"},
-			{"-brute", "Credential Brute-Forcing op Login Portalen"},
-			{"-w", "Optioneel: Geef een eigen wordlist pad op (/pad/naar/lijst.txt)"},
-			{"-u", "Optioneel: Geef de target gebruikersnaam op (admin)"},
+			{"-cms", "Agressieve CMS & Plugin discovery (WP/Joomla)"},
 		})
 
 		printBoxedSection("⚡ CAPACITEITS & L7 STRESS TEST", []flagHelp{
@@ -218,7 +192,7 @@ func main() {
 	flag.Parse()
 
 	if o.version {
-		printBanner()
+		printBanner(version)
 		os.Exit(0)
 	}
 
@@ -228,28 +202,29 @@ func main() {
 	}
 
 	if o.update {
-		printBanner()
+		printBanner(version)
 		runAutoUpdate()
 		os.Exit(0)
 	}
 
 	if o.check {
-		printBanner()
+		printBanner(version)
 		runCheckUpdate()
 		os.Exit(0)
 	}
 
 	if o.domain == "" {
-		flag.Usage()
-		os.Exit(2)
+		runDiscoveryWizard(o)
+		return
 	}
 
 	if !o.jsonOut {
-		printBanner()
+		printBanner(version)
 	}
 
 	if o.attackMinutes > 0 {
-		runAttackOrchestrator(o)
+		applyLevelSettings(&o)
+		runAttack([]string{o.domain}, o)
 		return
 	}
 
@@ -263,7 +238,3 @@ func normalizeDomain(d string) string {
 	d = strings.TrimSuffix(d, "/")
 	return strings.TrimSuffix(d, ".")
 }
-
-func runAttackOrchestrator(o options) {
-	fmt.Println("Attack starting... (Placeholder)")
-}

run_unified.go

@@ -34,13 +34,13 @@ func runUnifiedAnalysis(o options) {
 		runWebAnalysis(o)
 	}
 
-	// Vulnerability & Brute-Force routing
-	runVuln := false
-	if o.dirCheck || o.paramsCheck || o.cmsCheck || o.bruteCheck {
-		runVuln = true
+	// Vulnerability & Discovery routing
+	runDiscovery := false
+	if o.dirCheck || o.paramsCheck || o.cmsCheck {
+		runDiscovery = true
 	}
-	if runVuln {
-		fmt.Println("\n🔥 [MODULE: VULNERABILITY & BRUTE-FORCING]")
+	if runDiscovery {
+		fmt.Println("\n🔍 [MODULE: VULNERABILITY & DISCOVERY]")
 		runVulnAnalysis(o)
 	}
 

scripts/build.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 APP_NAME="netscope"
-VERSION="4.1.1"
+VERSION="4.3.0"
 
 echo "Building $APP_NAME v$VERSION..."
 

stress_analysis.go

@@ -1,12 +1,14 @@
 package main
 
 import (
-"fmt"
-"math/rand"
-"net/http"
-"sync"
-"sync/atomic"
-"time"
+	"fmt"
+	"io"
+	"math/rand"
+	"net/http"
+	"net/url"
+	"sync"
+	"sync/atomic"
+	"time"
 )
 
 var userAgents = []string{
@@ -21,6 +23,19 @@ func getRandomUserAgent() string {
 	return userAgents[rand.Intn(len(userAgents))]
 }
 
+var referrers = []string{
+	"https://www.google.com/",
+	"https://www.bing.com/",
+	"https://www.facebook.com/",
+	"https://twitter.com/",
+	"https://www.linkedin.com/",
+	"https://duckduckgo.com/",
+}
+
+func getRandomReferrer() string {
+	return referrers[rand.Intn(len(referrers))]
+}
+
 type domainStats struct {
 	domain          string
 	targetURL       string
@@ -49,16 +64,26 @@ func applyLevelSettings(o *options) {
 	}
 
 	switch o.level {
-	case 1: o.concurrency = 50
-	case 2: o.concurrency = 150
-	case 3: o.concurrency = 300
-	case 4: o.concurrency = 750
-	case 5: o.concurrency = 1500
-	case 6: o.concurrency = 3000
-	case 7: o.concurrency = 5000
-	case 8: o.concurrency = 8000
-	case 9: o.concurrency = 12000
-	case 10: o.concurrency = 20000
+	case 1:
+		o.concurrency = 100
+	case 2:
+		o.concurrency = 500
+	case 3:
+		o.concurrency = 1500
+	case 4:
+		o.concurrency = 3000
+	case 5:
+		o.concurrency = 7000
+	case 6:
+		o.concurrency = 12000
+	case 7:
+		o.concurrency = 18000
+	case 8:
+		o.concurrency = 25000
+	case 9:
+		o.concurrency = 35000
+	case 10:
+		o.concurrency = 50000
 	}
 
 	fmt.Printf("🎚️  Power Level: %d -> %d Workers\n", o.level, o.concurrency)
@@ -93,9 +118,12 @@ func runAttack(domains []string, o options) {
 		}
 
 		client := &http.Client{
-			Timeout: 5 * time.Second,
+			Timeout: 10 * time.Second,
 			Transport: &http.Transport{
-				DisableKeepAlives: o.noKeepAlive,
+				DisableKeepAlives:   o.noKeepAlive,
+				MaxIdleConns:        o.concurrency * 2,
+				MaxIdleConnsPerHost: o.concurrency * 2,
+				IdleConnTimeout:     10 * time.Second,
 			},
 		}
 
@@ -124,7 +152,7 @@ func runAttack(domains []string, o options) {
 
 			fmt.Printf("  %s -> %s\n", s.domain, downStr)
 			fmt.Printf("    Reqs: %d (Success: %d, Fail: %d)\n",
-atomic.LoadInt64(&s.totalRequests),
+				atomic.LoadInt64(&s.totalRequests),
 				atomic.LoadInt64(&s.successRequests),
 				atomic.LoadInt64(&s.failedRequests))
 			s.mu.Unlock()
@@ -137,17 +165,29 @@ atomic.LoadInt64(&s.totalRequests),
 
 func worker(client *http.Client, targetURL string, s *domainStats, deadline time.Time) {
 	for time.Now().Before(deadline) {
-		req, _ := http.NewRequest("GET", targetURL, nil)
+		// Random Cache-Bypass
+		cb := fmt.Sprintf("%d", rand.Int63())
+		u, _ := url.Parse(targetURL)
+		q := u.Query()
+		q.Set("cb", cb)
+		u.RawQuery = q.Encode()
+
+		req, _ := http.NewRequest("GET", u.String(), nil)
 		req.Header.Set("User-Agent", getRandomUserAgent())
+		req.Header.Set("Referer", getRandomReferrer())
+		req.Header.Set("Cache-Control", "no-cache")
 
 		atomic.AddInt64(&s.totalRequests, 1)
 		resp, err := client.Do(req)
 		if err != nil {
 			atomic.AddInt64(&s.failedRequests, 1)
 		} else {
+			// Fast body discard
+			io.Copy(io.Discard, resp.Body)
 			resp.Body.Close()
+
 			if resp.StatusCode >= 500 {
-				atomic.AddInt64(&s.failedRequests, 1) // Server errors count as fail
+				atomic.AddInt64(&s.failedRequests, 1)
 			} else {
 				atomic.AddInt64(&s.successRequests, 1)
 			}