Complete documentation overhaul with Web UI installation

README.md

@@ -1,51 +1,273 @@
-# UltyScan
-## Professional Attack Surface Management Platform
+# 🔍 UltyScan
 
-**UltyScan** is a next-generation automated information gathering and vulnerability scanning tool. It is designed to be the ultimate "button-pushing" solution for penetration testers and security professionals, automating the execution of dozens of powerful open-source tools to discover hidden assets and vulnerabilities.
+**Attack Surface Management Platform**
 
-### 🚀 Key Features
-
-*   **Automated Recon**: Automatically gathers subdomains, IPs, and open ports.
-*   **Vulnerability Scanning**: Integrates with tools like Nikto, Zap, and OpenVAS to find weaknesses.
-*   **Multiple Modes**: From "Stealth" (low profile) to "Nuke" (full aggressive audit).
-*   **Visual Reports**: Generates HTML reports with all findings, including screenshots.
-*   **Workspace Management**: Keeps different client data separate and organized.
+A comprehensive automated penetration testing and reconnaissance tool with a modern Web Interface for managing scans.
 
 ---
 
-### 📚 Documentation
+## ✨ Features
 
-For detailed instructions, please refer to our comprehensive guides:
-
-*   **[Installation Guide](docs/installation.md)**
-    *   Step-by-step setup for Kali Linux, Ubuntu, and Docker.
-*   **[Usage Guide](docs/usage.md)**
-    *   How to run scans, understand modes, and manage workspaces.
-*   **[Configuration Guide](docs/configuration.md)**
-    *   Customizing the scanner and setting up API keys (Shodan, Censys, etc.).
+- **16 Scan Modes** - From stealth reconnaissance to full aggressive audits
+- **Modern Web Interface** - Launch and manage scans from your browser
+- **Automated Reporting** - HTML reports generated for each scan
+- **Workspace Management** - Organize results by project
+- **OSINT Integration** - Shodan, Censys, Hunter.io, and more
+- **Vulnerability Scanning** - Nuclei, Nikto, and custom checks
+- **Bruteforce Capabilities** - Password attacks on discovered services
 
 ---
 
-### ⚡ Quick Start
+## 🚀 Quick Start
 
-1.  **Install**:
-    ```bash
-    git clone https://github.com/1N3/Sn1per
-    cd Sn1per
-    sudo bash install.sh
-    ```
+### One-Command Installation
 
-2.  **Run a Basic Scan**:
-    ```bash
-    sudo sniper -t example.com
-    ```
+```bash
+git clone https://github.com/DeNNiiInc/UltyScan /usr/share/sniper
+cd /usr/share/sniper
+bash install.sh force
+```
 
-3.  **View Results**:
-    Open the generated HTML report inside the `loot/workspace/` directory.
+> **Note:** The `force` flag runs the installation without prompts for fully automated deployment.
+
+### After Installation
+
+The installer will display your Web Interface URL:
+
+```
+============================================
+  ULTYSCAN WEB INTERFACE
+============================================
+  URL: http://<YOUR_IP>/ultyscan/
+  Logs: /var/log/ultyscan/
+  Loot: /usr/share/sniper/loot/workspace/
+============================================
+```
 
 ---
 
-### NOTE
-This tool is for legal security auditing purposes only. Ensure you have permission to scan the target.
+## 🖥️ Web Interface
 
-*Based on the open-source Sn1per project.*
+### Accessing the UI
+
+Open your browser and navigate to:
+```
+http://<SERVER_IP>/ultyscan/
+```
+
+### Features
+
+| Tab | Description |
+|-----|-------------|
+| **New Scan** | Configure and launch scans with all modes and options |
+| **Workspaces** | View, export, and delete scan workspaces |
+| **Console** | Live output from running scans |
+| **Settings** | Update scanner and stop running scans |
+
+### Scan Configuration Options
+
+| Option | Description |
+|--------|-------------|
+| **Target** | Domain name or IP address to scan |
+| **Scan Mode** | Select from 16 different scan modes |
+| **Workspace** | Name to organize your results |
+| **Enable OSINT** | Gather intelligence from public sources |
+| **Enable Recon** | Subdomain and DNS enumeration |
+| **Enable Bruteforce** | Password attacks on services |
+| **Full Port Scan** | Scan all 65535 ports |
+
+---
+
+## 📋 Scan Modes
+
+| Mode | Description | Use Case |
+|------|-------------|----------|
+| `normal` | Balanced scan with enumeration | General purpose |
+| `stealth` | Low-profile, minimal traffic | Avoiding detection |
+| `web` | Ports 80/443 only | Web application focus |
+| `webscan` | Full web application audit | Deep web analysis |
+| `webporthttp` | HTTP on custom port | Non-standard web ports |
+| `webporthttps` | HTTPS on custom port | Non-standard SSL ports |
+| `port` | Single specific port | Targeted service testing |
+| `fullportonly` | All 65535 ports | Complete port discovery |
+| `discover` | Network/CIDR scanning | Infrastructure mapping |
+| `flyover` | Quick multi-target | Fast initial assessment |
+| `airstrike` | Fast enumeration | Speed over depth |
+| `nuke` | Full aggressive audit | Maximum coverage |
+| `massportscan` | Multi-target port scan | Bulk port scanning |
+| `massweb` | Multi-target web scan | Multiple web targets |
+| `masswebscan` | Multi-target webapp | Bulk web app testing |
+| `massvulnscan` | Multi-target vulns | Bulk vulnerability scan |
+
+---
+
+## ⌨️ Command Line Usage
+
+### Basic Scan
+```bash
+sniper -t example.com
+```
+
+### With Options
+```bash
+sniper -t example.com -m normal -w myproject -o -re
+```
+
+### Full Scan with All Features
+```bash
+sniper -t example.com -m normal -w myproject -o -re -b -fp
+```
+
+### Command Line Options
+
+| Flag | Description |
+|------|-------------|
+| `-t <target>` | Target domain or IP |
+| `-f <file>` | File with list of targets |
+| `-m <mode>` | Scan mode |
+| `-w <name>` | Workspace name |
+| `-o` | Enable OSINT |
+| `-re` | Enable Recon |
+| `-b` | Enable Bruteforce |
+| `-fp` | Full port scan |
+| `-p <port>` | Specific port number |
+
+### Workspace Management
+```bash
+# List all workspaces
+sniper --list
+
+# Delete a workspace
+sniper -w myproject -d
+
+# Export workspace
+sniper -w myproject --export
+```
+
+---
+
+## 📁 Directory Structure
+
+| Path | Description |
+|------|-------------|
+| `/usr/share/sniper/` | Installation directory |
+| `/usr/share/sniper/loot/workspace/` | Scan results and reports |
+| `/var/www/html/ultyscan/` | Web interface files |
+| `/var/log/ultyscan/` | Web UI scan logs |
+| `/root/.sniper.conf` | Main configuration file |
+
+---
+
+## ⚙️ Configuration
+
+### API Keys
+
+Edit `/root/.sniper.conf` to add your API keys:
+
+```bash
+# Shodan API Key
+SHODAN_API_KEY="your_key_here"
+
+# Censys API
+CENSYS_APP_ID="your_id"
+CENSYS_API_SECRET="your_secret"
+
+# Hunter.io
+HUNTERIO_KEY="your_key"
+
+# GitHub (for secret scanning)
+GITHUB_API_KEY="your_token"
+```
+
+### Enabling/Disabling Features
+
+In `/root/.sniper.conf`:
+
+```bash
+# Enable/Disable scanners (1=on, 0=off)
+NUCLEI="1"
+NIKTO="0"
+WPSCAN="1"
+SHODAN="1"
+```
+
+---
+
+## 🔒 Security Notes
+
+> ⚠️ **Important Security Considerations**
+
+1. **Network Access**: The Web UI should only be accessible from trusted networks
+2. **Root Privileges**: The scanner requires root to perform its functions
+3. **Legal Authorization**: Only scan systems you have permission to test
+
+---
+
+## 🐳 Docker Installation
+
+```bash
+cd /usr/share/sniper
+docker-compose up -d
+docker exec -it kali-linux bash
+./install.sh force
+```
+
+---
+
+## 📊 Viewing Reports
+
+### Via Web Interface
+1. Go to the **Workspaces** tab
+2. Click **View** on any workspace
+3. Report opens in new tab
+
+### Direct Path
+```
+/usr/share/sniper/loot/workspace/<NAME>/sniper-report.html
+```
+
+### Via Web Server
+```
+http://<SERVER_IP>/loot/workspace/<NAME>/sniper-report.html
+```
+
+---
+
+## 🔧 Troubleshooting
+
+### Scan Not Starting
+```bash
+# Check if sniper is installed correctly
+which sniper
+
+# Test manually
+sniper -t example.com
+```
+
+### Web UI Shows "Idle" When Scan Running
+```bash
+# Check if process is running
+ps aux | grep sniper
+
+# Check sudoers
+cat /etc/sudoers.d/www-data-sniper
+```
+
+### Permission Denied
+```bash
+# Reinstall sudoers configuration
+echo 'www-data ALL=(ALL) NOPASSWD: /usr/bin/bash /usr/share/sniper/sniper *' > /etc/sudoers.d/www-data-sniper
+chmod 440 /etc/sudoers.d/www-data-sniper
+```
+
+---
+
+## 📝 License
+
+See [LICENSE.md](LICENSE.md) for details.
+
+---
+
+## 🤝 Contributing
+
+Contributions are welcome! Please submit pull requests to improve the tool.