TEGAR-SRC/oxrecon
GitHub: TEGAR-SRC/oxrecon
一款集成了 DNS、端口扫描、子域名枚举、BGP/RPKI 分析及 OSINT 等 60 多项功能的综合型命令行侦察工具。
Stars: 0 | Forks: 0
# oxrecon
[](https://go.dev)
[](LICENSE)
[]()
[](https://github.com/TEGAR-SRC/oxrecon/pkgs/container/oxrecon)
[](https://github.com/TEGAR-SRC/oxrecon)
**oxrecon** 将 60 多个侦察工具统一到了一个 CLI 中:DNS、WHOIS、HTTP、SSL/TLS、端口扫描、子域名枚举、**BGP/RPKI 分析**、技术检测以及 OSINT。
基于 **Clean Architecture**、**goroutine worker pool** 和 **context-aware** 操作构建 — 灵感来源于 Nmap、HTTPX、Subfinder、Naabu 和 Amass。
## 📋 菜单
- [为什么选择 oxrecon?](#why-oxrecon)
- [安装](#installation)
- [Go Install (源码)](#go-install)
- [GitHub Releases](#github-releases)
- [GitHub Container Registry (Docker)](#github-container-registry)
- [GitHub Packages (Go Module)](#github-packages)
- [从源码构建](#build-from-source)
- [命令](#commands)
- [DNS](#dns-10)
- [Domain](#domain-3)
- [Network](#network-6)
- [HTTP](#http-12)
- [SSL/TLS](#ssltls-5-)
- [端口详情](#port-detail-3)
- [Discovery](#discovery-7)
- [子域名](#subdomain-5)
- [BGP / RPKI / IP Block](#bgp--rpki--ip-block-22-)
- [OSINT](#osint-7)
- [全面扫描](#full-scan)
- [实用工具](#utilities)
- [使用示例](#usage-examples)
- [基础侦察](#basic-recon)
- [BGP & RPKI](#bgp--rpki)
- [端口扫描](#port-scanning)
- [全面扫描](#full-scan-1)
- [输出格式](#output-formats)
- [电子邮件安全](#email-security-spfdmarcdkim)
- [HTTP 安全](#http-security-cspcookiefavicon)
- [SSL 证书链](#ssl-certificate-chain)
- [Banner 抓取](#banner-grabbing)
- [Discovery 提供商](#discovery-providers)
- [全局标志](#global-flags)
- [GitHub Packages](#github-packages-1)
- [Docker 镜像](#docker-images-ghcr)
- [Go Module Proxy](#go-module-proxy)
- [自动化发布](#automated-releases)
- [架构](#architecture)
- [项目结构](#project-structure)
- [设计原则](#design-principles)
- [构建与开发](#build--development)
- [Makefile](#makefile)
- [Docker](#docker)
- [Docker Compose](#docker-compose)
- [依赖项](#dependencies)
- [测试](#testing)
- [CI/CD](#cicd)
- [贡献](#contributing)
- [许可证](#license)
## 为什么选择 oxrecon?
侦察通常需要 10 多个独立的工具:
- **nmap** → 端口扫描
- **httpx** → HTTP 探测
- **subfinder** → 子域名
- **dig** → DNS 查询
- **whois** → 域名信息
- **naabu** → 端口扫描
- **amass** → 子域名枚举
- **wappalyzer** → 技术检测
- **shodan** → OSINT
- **bgptools** → ASN 信息
- **routinator** → RPKI
**oxrecon** 将所有这些功能集成在一个二进制文件中完成,提供统一的 JSON/YAML/CSV 输出、并行执行,并且告别繁琐的配置噩梦。
## 安装
### Go 安装
```
go install github.com/TEGAR-SRC/oxrecon@latest
# 验证
oxrecon version
```
### GitHub Releases
下载适用于 Linux、macOS、Windows 的预编译二进制文件:
```
# Linux amd64
curl -L https://github.com/TEGAR-SRC/oxrecon/releases/latest/download/oxrecon-linux-amd64.zip -o oxrecon.zip
unzip oxrecon.zip && chmod +x oxrecon-linux-amd64 && sudo mv oxrecon-linux-amd64 /usr/local/bin/oxrecon
# macOS
curl -L https://github.com/TEGAR-SRC/oxrecon/releases/latest/download/oxrecon-darwin-amd64.zip -o oxrecon.zip
```
### GitHub Container Registry
```
# 从 GitHub Packages 拉取 Docker image
docker pull ghcr.io/tegar-src/oxrecon:latest
# 运行
docker run --rm ghcr.io/tegar-src/oxrecon:latest bgp ip 8.8.8.8
docker run --rm ghcr.io/tegar-src/oxrecon:latest scan example.com
# 交互式 shell
docker run -it --rm ghcr.io/tegar-src/oxrecon:latest /bin/sh
```
### GitHub Packages
```
# 通过 GitHub Packages 的 Docker image
docker pull ghcr.io/tegar-src/oxrecon:latest
docker tag ghcr.io/tegar-src/oxrecon:latest oxrecon:latest
# Go module proxy (GitHub Packages)
GOPROXY=https://proxy.golang.org,direct
GOFLAGS=-mod=mod
go install github.com/TEGAR-SRC/oxrecon@latest
```
### 从源码构建
```
git clone https://github.com/TEGAR-SRC/oxrecon.git
cd oxrecon
go build -o oxrecon main.go
./oxrecon version
```
## 命令
### DNS (15 ⭐)
| 命令 | 描述 | 示例 |
|---------|-------------|---------|
| `dns lookup` | A/AAAA 记录 | `oxrecon dns lookup example.com` |
| `dns reverse` | 反向 DNS (PTR) | `oxrecon dns reverse 8.8.8.8` |
| `dns mx` | MX 记录 | `oxrecon dns mx example.com` |
| `dns ns` | NS 记录 | `oxrecon dns ns example.com` |
| `dns txt` | TXT 记录 | `oxrecon dns txt example.com` |
| `dns soa` | SOA 记录 | `oxrecon dns soa example.com` |
| `dns caa` | CAA 记录 | `oxrecon dns caa example.com` |
| `dns cname` | CNAME 记录 | `oxrecon dns cname example.com` |
| `dns dnssec` | DNSSEC 检查 | `oxrecon dns dnssec example.com` |
| `dns zone` | 区域传送 | `oxrecon dns zone example.com` |
| `dns resolver` | 解析器基准测试 | `oxrecon dns resolver example.com` |
| **`dns security spf`** | **SPF 记录解析器** | **`oxrecon dns security spf example.com`** |
| **`dns security dmarc`** | **DMARC 策略解析器** | **`oxrecon dns security dmarc example.com`** |
| **`dns security dkim`** | **DKIM 选择器扫描** | **`oxrecon dns security dkim example.com`** |
| `dns a` | DNS A 记录 | `oxrecon dns a example.com` |
| `dns aaaa` | DNS AAAA (IPv6) | `oxrecon dns aaaa example.com` |
### Domain (3)
| 命令 | 描述 | 示例 |
|---------|-------------|---------|
| `domain whois` | WHOIS 查询 | `oxrecon domain whois example.com` |
| `domain info` | 注册商 + 到期时间 | `oxrecon domain info example.com` |
| `domain expire` | 距到期天数 | `oxrecon domain expire example.com` |
### Network (6)
| 命令 | 描述 | 示例 |
|---------|-------------|---------|
| `network scan` | TCP 端口扫描 | `oxrecon network scan example.com -t 50` |
| `network tcp` | TCP 扫描 (别名) | `oxrecon network tcp 10.0.0.1` |
| `network udp` | UDP 探测 | `oxrecon network udp example.com` |
| `network ping` | Ping (TCP 回退) | `oxrecon network ping 8.8.8.8` |
| `network traceroute` | TCP 路由追踪 | `oxrecon network traceroute example.com` |
| `network cidr` | CIDR 分析 | `oxrecon network cidr 10.0.0.0/8` |
| `network reverse-ip` | 反向 IP | `oxrecon network reverse-ip 8.8.8.8` |
### HTTP (16 ⭐)
| 命令 | 描述 | 示例 |
|---------|-------------|---------|
| `http probe` | HTTP endpoint 检查 | `oxrecon http probe example.com` |
| `http headers` | 响应 + 安全标头 | `oxrecon http headers example.com` |
| `http methods` | 允许的 HTTP 方法 | `oxrecon http methods example.com` |
| `http redirect` | 重定向链 | `oxrecon http redirect example.com` |
| `http robots` | Robots.txt | `oxrecon http robots example.com` |
| `http sitemap` | Sitemap.xml | `oxrecon http sitemap example.com` |
| `http waf` | WAF 检测 | `oxrecon http waf example.com` |
| `http tech` | 技术检测 | `oxrecon http tech example.com` |
| `http cdn` | CDN 检测 | `oxrecon http cdn example.com` |
| **`http screenshot`** | **通过 chromedp 截取真实截图 + 文本回退** | **`oxrecon http screenshot example.com`** |
| `http dir` | 目录爆破 | `oxrecon http dir example.com` |
| `http crawl` | 链接提取 | `oxrecon http crawl example.com` |
| **`http security csp`** | **CSP 分析器** | **`oxrecon http security csp example.com`** |
| **`http security cookie`** | **Cookie 标志分析器** | **`oxrecon http security cookie example.com`** |
| **`http security favicon`** | **Favicon 哈希** | **`oxrecon http security favicon example.com`** |
| **`http security ws`** | **WebSocket 检测** | **`oxrecon http security ws example.com`** |
| **`http security http2`** | **HTTP/2 + HTTP/3 检查** | **`oxrecon http security http2 example.com`** |
### SSL/TLS (5 ⭐)
| 命令 | 描述 | 示例 |
|---------|-------------|---------|
| `ssl cert` | 证书详情 | `oxrecon ssl cert example.com` |
| `ssl cipher` | 加密套件 | `oxrecon ssl cipher example.com` |
| `ssl tls` | TLS 版本支持 | `oxrecon ssl tls example.com` |
| `ssl expire` | 证书到期时间 | `oxrecon ssl expire example.com` |
| **`ssl chain`** | **完整证书链 + OCSP** | **`oxrecon ssl chain example.com`** |
### 端口详情 (3)
| 命令 | 描述 | 示例 |
|---------|-------------|---------|
| `detail banner ` | 单端口 Banner 抓取 | `oxrecon detail banner 8.8.8.8:80` |
| `detail version ` | 多端口服务版本 | `oxrecon detail version 10.0.0.1` |
| `detail multi [ports]` | 自定义端口 + Banner | `oxrecon detail multi 10.0.0.1 80 443 22` |
### Discovery (7)
| 命令 | 描述 | API Key |
|---------|-------------|---------|
| `discovery certspotter` | CertSpotter 子域名 | 公共 API |
| `discovery rapiddns` | RapidDNS 子域名 | 公共 API |
| `discovery hackertarget` | HackerTarget 子域名 | 公共 API |
| `discovery bufferover` | BufferOver 子域名 | 公共 API |
| `discovery anubis` | Anubis 子域名 | 公共 API |
| `discovery all ` | **所有提供商合并** | 公共 API |
### 子域名 (5)
| 命令 | 描述 | 示例 |
|---------|-------------|---------|
| `subdomain enum` | 被动 + DNS 枚举 | `oxrecon subdomain enum example.com` |
| `subdomain brute` | DNS 暴力破解 | `oxrecon subdomain brute example.com` |
| `subdomain crtsh` | 证书透明度 | `oxrecon subdomain crtsh example.com` |
| `subdomain recursive` | 3 级递归 | `oxrecon subdomain recursive example.com` |
| `subdomain wildcard` | 泛解析检测 | `oxrecon subdomain wildcard example.com` |
### BGP / RPKI / IP Block (22 ⭐)
| 命令 | 描述 | 示例 |
|---------|-------------|---------|
| `bgp ip` | IP → ASN + 前缀 + 国家 | `oxrecon bgp ip 8.8.8.8` |
| `bgp asn` | ASN → 名称 + 前缀 | `oxrecon bgp asn 15169` |
| **`bgp show`** | **所有前缀 + RPKI 状态** | **`oxrecon bgp show 13335`** |
|`bgp rpki`** | **RPKI/ROA 验证** | **`oxrecon bgp rpki 8.8.8.0/24`** |
| **`bgp routinator`** | **查询 Routinator** | **`oxrecon bgp routinator 1.1.1.0/24`** |
| **`bgp coverage`** | **RPKI 覆盖率 %** | **`oxrecon bgp coverage 15169`** |
| `bgp v6` | 仅 IPv6 前缀 | `oxrecon bgp v6 13335` |
| `bgp map` | Mermaid + ASCII 地图 | `oxrecon bgp map 15169` |
| `bgp path` | BGP AS 路径 | `oxrecon bgp path 8.8.8.8` |
| `bgp topology` | ASCII 图表 | `oxrecon bgp topology 15169` |
| `bgp visualize` | 自动检测 → 完整可视化 | `oxrecon bgp visualize 8.8.8.8` |
| `bgp prefix` | 前缀 → 源 ASN | `oxrecon bgp prefix 8.8.8.0/24` |
| `bgp prefix-list` | ASN → 所有前缀 | `oxrecon bgp prefix-list 15169` |
| `bgp networks` | 网络统计 | `oxrecon bgp networks 13335` |
| `bgp peers` | 上游/对等点 | `oxrecon bgp peers 15169` |
| `bgp route` | IP → 覆盖前缀 | `oxrecon bgp route 8.8.8.8` |
| `bgp origin` | IP → 源 AS (DNS) | `oxrecon bgp origin 1.1.1.1` |
| `bgp name` | ASN → 名称 | `oxrecon bgp name 15169` |
| `bgp bulk` | 从文件批量导入 IP → ASN | `oxrecon bgp bulk ips.txt` |
| `bgp whois` | 原始 whois | `oxrecon bgp whois AS15169` |
| `bgp export` | 路由器 prefix-list 配置 | `oxrecon bgp export 15169` |
| `bgp full` | 自动检测 → 完整侦察 | `oxrecon bgp full 8.8.8.8` |
### OSINT (7)
| 命令 | 描述 | 需要 API Key |
|---------|-------------|-----------------|
| `osint shodan` | Shodan API 查询 | `SHODAN_API_KEY` |
| `osint censys` | Censys API 查询 | `CENSYS_API_ID` + `CENSYS_API_SECRET` |
| `osint crtsh` | 证书透明度 | 公共 API |
| `osint wayback` | Wayback Machine | 公共 API |
| `osint securitytrails` | SecurityTrails API | `SECURITYTRAILS_API_KEY` |
| `osint virustotal` | VirusTotal API | `VIRUSTOTAL_API_KEY` |
| `osint alienvault` | AlienVault OTX | 公共 API |
### 全面扫描
```
oxrecon scan example.com --full --threads 50 --timeout 60s
# → DNS + WHOIS + port scan + HTTP + SSL + Tech + Subdomain + OSINT
```
### 实用工具
```
oxrecon tui # Terminal UI
oxrecon api # REST API server (:8080)
oxrecon config # Show config
oxrecon plugin list # Plugin manager
oxrecon update # Check updates
oxrecon version # Version info
```
## 使用示例
### 基础侦察
```
# DNS
oxrecon dns lookup example.com
oxrecon dns mx example.com
# WHOIS
oxrecon domain whois example.com
# Port Scan
oxrecon network scan 10.0.0.1 -t 50
# HTTP Headers
oxrecon http headers example.com
# SSL
oxrecon ssl cert example.com
oxrecon ssl expire example.com
```
### BGP & RPKI
```
# IP → ASN
oxrecon bgp ip 8.8.8.8
# 输出:
# IP: 8.8.8.8
# ASN: AS15169
# Name: GOOGLE - Google LLC
# Prefix: 8.8.8.0/24
# Country: US
# ASN 详情(所有 prefixes)
oxrecon bgp show 13335
# → 显示 IPv4: X prefixes, IPv6: Y prefixes, RPKI 状态
# RPKI 验证
oxrecon bgp rpki 8.8.8.0/24
# → ✅ VALID / ❌ INVALID / ❓ NOT FOUND
# RPKI 覆盖率
oxrecon bgp coverage 15169
# → 覆盖率: ████████░░ 80.0%
# BGP 拓扑图
oxrecon bgp map 15169
# → ASCII art + Mermaid diagram(粘贴到 mermaid.live)
# AS Path
oxrecon bgp path 8.8.8.8
# 全自动检测
oxrecon bgp visualize 15169
oxrecon bgp visualize 1.1.1.0/24
```
### 端口扫描
```
# 默认(60 个常用端口)
oxrecon network scan example.com
# 自定义线程
oxrecon network scan example.com --threads 100
# 超时
oxrecon network scan 10.0.0.1 --timeout 30s
```
### 全面扫描
```
oxrecon scan example.com
# → 组合:DNS + WHOIS + Port Scan + HTTP + SSL + Tech + Subdomain
# → 带有风险评分和建议的统一报告
oxrecon scan example.com --full -t 50 -o report.txt
```
### 输出格式
```
oxrecon dns lookup example.com --format json
oxrecon dns lookup example.com --format yaml
oxrecon dns lookup example.com --format csv
oxrecon scan example.com --format json --output scan.json
```
### 电子邮件安全 (SPF/DMARC/DKIM)
```
oxrecon dns security spf example.com
# → SPF 分析(包含 includes, ip4/ip6, mechanisms)
oxrecon dns security dmarc example.com
# → DMARC 策略:reject/quarantine/none, pct, rua/ruf
oxrecon dns security dkim example.com
# → 扫描常见的 DKIM selectors(google, selector1, mandrill 等)
```
### HTTP 安全 (CSP/Cookie/Favicon)
```
oxrecon http security csp example.com
# → Content-Security-Policy 分析(unsafe-inline, unsafe-eval)
oxrecon http security cookie example.com
# → Cookie flags:Secure, HttpOnly, SameSite
oxrecon http security favicon example.com
# → MD5/SHA256/Base64 hash → 用于 Shodan/ZoomEye 搜索
oxrecon http security http2 example.com
# → HTTP/2 + HTTP/3 (Alt-Svc) 支持检查
```
### SSL 证书链
```
oxrecon ssl chain example.com
# → 完整证书链:Leaf → Intermediate → Root CA + OCSP
```
### Banner 抓取
```
oxrecon detail banner 8.8.8.0:80
# → HTTP banner
oxrecon detail banner 10.0.0.1:22
# → SSH 版本/banner
oxrecon detail version 10.0.0.1
# → 多端口服务版本检测
```
### Discovery 提供商
```
oxrecon discovery all example.com
# → CertSpotter + RapidDNS + HackerTarget + BufferOver + Anubis + AlienVault
oxrecon discovery certspotter example.com
# → 仅 CertSpotter 结果
```
### 全局标志
```
--threads, -t Worker threads (default: 10)
--timeout, -o Request timeout (default: 30s)
--rate, -r Rate limit per second (0 = unlimited)
--dns DNS server to use
--proxy, -p HTTP/SOCKS5 proxy
--format, -f Output format: json|yaml|xml|csv|html (default: json)
--output, -O Output file
--silent Errors only
--verbose, -v Verbose
--debug Debug
--insecure Skip TLS verification
--random-agent Random User-Agent
--follow-redirect Follow HTTP redirects
--ipv4 IPv4 only
--ipv6 IPv6 only
--cache Enable cache (default: true)
--cache-ttl Cache TTL (default: 1h)
```
## GitHub Packages
### Docker 镜像
每次发布都会自动发布到 GitHub Container Registry:
```
# 最新版
docker pull ghcr.io/tegar-src/oxrecon:latest
# 特定版本
docker pull ghcr.io/tegar-src/oxrecon:v1.0.0
docker pull ghcr.io/tegar-src/oxrecon:v1.0
# 运行
docker run --rm ghcr.io/tegar-src/oxrecon:latest bgp ip 8.8.8.8
docker run --rm ghcr.io/tegar-src/oxrecon:latest scan example.com
# 带有本地输出
docker run --rm -v $PWD:/data ghcr.io/tegar-src/oxrecon:latest scan example.com -o /data/report.json
```
### Go Module Proxy
```
# 直接从 GitHub 安装
go install github.com/TEGAR-SRC/oxrecon@latest
# 或特定版本
go install github.com/TEGAR-SRC/oxrecon@v1.0.0
# 作为库使用
import "github.com/TEGAR-SRC/oxrecon/pkg/utils"
```
### 自动化发布
Tag → Release → Docker 镜像 → 二进制文件 → GitHub Packages
```
git tag v1.0.0
git push origin v1.0.0
# GitHub Actions 将会:
# 1. 运行测试
# 2. 构建 binaries(linux/darwin/windows × amd64/arm64)
# 3. 构建并推送 Docker image 到 ghcr.io
# 4. 创建包含 .zip artifacts 的 GitHub Release
# 5. 发布 Go module
```
## 架构
### 项目结构
```
oxrecon/
├── cmd/
│ ├── cli/ # 14 command files (Cobra)
│ │ ├── main.go # Root command + flags
│ │ ├── dns.go # DNS commands (10)
│ │ ├── bgp.go # BGP + RPKI commands (22)
│ │ ├── http.go # HTTP commands (12)
│ │ ├── ssl.go # SSL/TLS commands (4)
│ │ ├── network.go # Network commands (6)
│ │ ├── subdomain.go # Subdomain commands (5)
│ │ ├── osint.go # OSINT commands (7)
│ │ ├── scan.go # Full scan orchestrator
│ │ └── tui.go # TUI, API, config, plugins
│ └── server/ # REST API server
├── internal/
│ └── domain/
│ └── entity/ # Core entities (7 files)
├── pkg/
│ ├── utils/ # Worker pool, rate, cache, retry
│ ├── network/ # ASN, BGP map, RPKI (3 files)
│ ├── output/ # JSON, YAML, XML, CSV formatters
│ ├── tui/ # Dashboard, progress, table UI
│ └── plugin/ # Plugin registry system
├── configs/ # default.yaml
├── docs/ # PRD.md
├── progress/ # Session tracking
├── .github/workflows/ # CI + Release
├── Dockerfile, Makefile, docker-compose.yml
└── main.go, go.mod
```
### 设计原则
- **Clean Architecture** — 零外部依赖的领域实体
- **Worker Pool** — 基于 goroutine 的并行执行
- **Rate Limiting** — 令牌桶 + 滑动窗口
- **Context-aware** — 所有操作均遵循 `context.Context`
- **Graceful Shutdown** — SIGINT/SIGTERM → 取消 context
- **Failsafe** — 带有指数退避的重试
- **无臃肿** — 优先使用标准库,尽量减少依赖
```
┌─────────────────────────────────────────────────────┐
│ cmd/cli/ → Cobra commands │
│ cmd/server/ → REST API (net/http) │
├─────────────────────────────────────────────────────┤
│ internal/domain/entity/ → Core types │
│ internal/repository/ → Interfaces │
│ internal/usecase/ → Business logic │
│ internal/middleware/ → Logging, rate, metrics │
├─────────────────────────────────────────────────────┤
│ pkg/utils/ → Worker pool, cache, retry, rate │
│ pkg/network/ → ASN lookup, BGP maps, RPKI │
│ pkg/output/ → Formatters (JSON, YAML, CSV, XML) │
│ pkg/tui/ → BubbleTea-ready components │
│ pkg/plugin/ → Plugin interface + registry │
└─────────────────────────────────────────────────────┘
```
### 数据流
```
User Input → Cobra CLI → Command Handler
→ Worker Pool (goroutines)
→ DNS Lookup (miekg/dns)
→ WHOIS Query (TCP port 43)
→ HTTP Probe (net/http + goquery)
→ SSL Handshake (crypto/tls)
→ Port Scan (net.Dial)
→ ASN Lookup (Team Cymru DNS)
→ BGP RADB (whois.radb.net)
→ RPKI Routinator (RIPE API)
→ OSINT APIs (Shodan, Censys, crt.sh)
→ Result Aggregation
→ Output Formatter (JSON/YAML/CSV)
→ stdout / File
```
## 构建与开发
### Makefile
```
make build # Build binary → ./build/oxrecon
make run # Build + run
make test # All tests with race detection
make test-short # Quick tests
make bench # Benchmark tests
make lint # golangci-lint + go vet
make build-all # Multi-platform: linux/darwin/windows
make release # lint + test + build-all
make clean # Remove artifacts
make docker # Docker image
make cover # Coverage report → coverage.html
make profile # CPU + memory profiling
```
### Docker
```
# 构建
docker build -t oxrecon:latest .
# 运行命令
docker run --rm oxrecon:latest bgp ip 8.8.8.8
docker run --rm oxrecon:latest http headers example.com
# 交互式
docker run -it --rm oxrecon:latest
# 带有用于 OSINT APIs 的环境变量
docker run --rm \
-e SHODAN_API_KEY=xxx \
-e VIRUSTOTAL_API_KEY=xxx \
oxrecon:latest osint shodan 1.1.1.1
```
### Docker Compose
```
docker-compose up --build # Full stack
docker-compose run --rm webtool scan example.com
```
## 依赖项
| 库 | 用途 |
|---------|---------|
| `spf13/cobra` | CLI 框架 + 自动补全 |
| `spf13/viper` | 配置管理 (YAML/JSON/ENV) |
| `go.uber.org/zap` | 结构化日志 |
| `miekg/dns` | 完整的 DNS 协议库 |
| `PuerkitoBio/goquery` | HTML 解析 (类 jQuery) |
| `google/uuid` | UUID 生成 |
| `gopkg.in/yaml.v3` | YAML 编码/解码 |
**零外部网络依赖** — 所有 BGP/ASN 查询均使用内置的 DNS 和 TCP whois。
## 测试
```
# 所有测试
go test -v -race ./...
# 带有覆盖率
go test -v -cover ./pkg/utils/...
# 覆盖率报告
go test -v -coverprofile=coverage.out ./...
go tool cover -html=coverage.out -o coverage.html
# 基准测试
go test -bench=. -benchmem ./pkg/utils/...
# 单个测试
go test -v -run TestWorkerPool
```
### 测试覆盖率
| 包 | 覆盖率 |
|---------|----------|
| `pkg/utils/cache.go` | ✅ 100% |
| `pkg/utils/rate.go` | ✅ 85% |
| `pkg/utils/retry.go` | ✅ 90% |
| `pkg/utils/worker.go` | ✅ 87% |
| **总体** | **85%+** |
## CI/CD
### 工作流
| 工作流 | 触发条件 | 任务 |
|----------|---------|------|
| `ci.yml` | 推送/提交 PR 至 dev 分支 | Lint → 测试 → 构建 → 安全检查 |
| `release.yml` | 标记 v* | 测试 → 二进制文件 → Docker → 发布 → Go Module |
### GitHub Actions 特性
- **并行构建**: linux/amd64, linux/arm64, darwin/amd64, darwin/arm64, windows/amd64
- **Docker 多架构**: 带有缓存的 Buildx
- **GitHub Container Registry**: 推送至 ghcr.io
- **Go 模块发布**: 兼容 `go install`
- **安全扫描**: gosec
## 贡献
1. Fork 本仓库
2. 创建功能分支:
git checkout -b feat/fitur-baru
3. 使用印尼语提交:
git commit -m 'feat: tambah fitur BGP map interaktif'
4. 推送:
git push origin feat/fitur-baru
5. 向 `dev` 分支提交 PR
### 分支流程
```
dev → stg → main
↓ ↓
staging production
```
## 许可证
MIT 许可证 — 详情请参阅 [LICENSE](LICENSE)。
oxrecon — Web、网络、DNS、BGP、RPKI 和 OSINT 侦察
怀揣 ❤️ 为安全研究社区打造
标签:ESC4, EVTX分析, GitHub, Go语言, OSINT, UDP扫描, 云存储安全, 安全侦察, 实时处理, 密码管理, 日志审计, 程序破解, 网络扫描, 请求拦截, 资产测绘