Directories
| Path | Synopsis |
|---|---|
| cmd | |
| cli/v1 command | |
| internal | |
| cve | Package cve maps detected technology versions to known CVEs using the public NVD API 2.0. |
| report | Package report defines the scan result structure and renders it as human-readable text and as structured JSON. |
| tools/v1/access | Package access tests broken access control: sensitive endpoints reachable without authentication, and IDOR by enumerating numeric identifiers. |
| tools/v1/lfi | Package lfi tests local file inclusion and path traversal: it injects traversal and PHP stream-wrapper payloads into parameters that look like file paths and confirms a hit when local file contents come back. |
| tools/v1/misconfig | Package misconfig checks for security misconfiguration: missing security headers, dangerous HTTP methods, permissive CORS and weak TLS. |
| tools/v1/ratelimit | Package ratelimit measures whether the target throttles repeated requests by firing a burst and observing status-code and latency variation. |
| tools/v1/recon | Package recon maps the attack surface of a target: DNS, response headers, technologies in use, sensitive files, and reachable endpoints/parameters. |
| tools/v1/scanner | Package scanner orchestrates a full scan: it maps the surface with recon and then runs every test and enrichment module against it, returning a report. |
| tools/v1/sqli | Package sqli detects SQL injection (boolean-based) and, when a parameter is injectable, extracts real data with UNION-based payloads: DBMS, current database, current user, tables, columns and credential rows. |
| tools/v1/ssrf | Package ssrf tests server-side request forgery: it injects internal and cloud-metadata URLs into parameters that look like URLs and confirms a hit when the server returns metadata-service content. |