UltyScan Documentation Overhaul

docs/configuration.md

@@ -0,0 +1,72 @@
+# Configuration Guide
+
+**UltyScan** is highly configurable. You can adjust scan intensity, timeout settings, and integrate external API keys for enhanced data gathering.
+
+## Main Configuration File
+
+The main configuration file is located at:
+`/usr/share/sniper/sniper.conf`
+
+To use a custom configuration for a specific scan, make a copy of this file, edit it, and pass it with the `-c` flag:
+```bash
+cp /usr/share/sniper/sniper.conf ~/my_custom.conf
+nano ~/my_custom.conf
+# Edit settings...
+sudo sniper -c ~/my_custom.conf -t example.com
+```
+
+### Common Settings to Tweak
+
+- **`sc0pe_vulnerable_search`**: Set to `1` to search for specific vulnerabilities.
+- **`RISK_LEVEL`**: Adjust the sensitivity of vulnerability scanners.
+- **`THREADS`**: Increase number of threads for faster (but noisier) scans.
+
+---
+
+## API Integration
+
+To unlock the full power of **UltyScan**, you should configure API keys for services like Shodan, Censys, and Hunter.io.
+
+### Setting up Keys
+
+1.  **Locate or Create the Key Config**:
+    The system looks for keys in `/root/.sniper_api_keys.conf`.
+
+2.  **Edit the File**:
+    ```bash
+    sudo nano /root/.sniper_api_keys.conf
+    ```
+
+3.  **Enter your Keys**:
+    Add or update the lines for the services you have access to.
+
+    ```bash
+    # SHODAN API KEY
+    SHODAN_API_KEY="your_shodan_key_here"
+
+    # CENSYS API KEY
+    CENSYS_API_ID="your_censys_id"
+    CENSYS_API_SECRET="your_censys_secret"
+
+    # HUNTER.IO API KEY
+    HUNTER_API_KEY="your_hunter_key"
+
+    # GITHUB API KEY
+    GITHUB_API_KEY="your_github_token"
+    ```
+
+4.  **Save and Exit**:
+    Press `Ctrl+X`, then `Y`, then `Enter`.
+
+### Supported Integrations
+
+- **Shodan**: For discovering internet-connected devices.
+- **Censys**: For attack surface visibility.
+- **Hunter.io**: For email and contact discovery.
+- **GitHub**: For repo scanning and updates.
+- **OWASP ZAP**: For web application scanning.
+- **BurpSuite Pro**: For advanced web scanning (requires manual config).
+- **Metasploit**: For exploit validation.
+
+---
+[Return to README](../README.md)

docs/installation.md

@@ -0,0 +1,127 @@
+# Installation Guide
+
+Welcome to the **UltyScan** installation guide. This document provides step-by-step instructions to get **UltyScan** up and running on your system.
+
+## Table of Contents
+1. [Prerequisites](#prerequisites)
+2. [Native Installation (Kali Linux / Ubuntu / Debian)](#native-installation)
+3. [Docker Installation (Recommended for others)](#docker-installation)
+4. [Troubleshooting](#troubleshooting)
+
+---
+
+## Prerequisites
+
+Before installing, ensure you have:
+- **Operating System**: Kali Linux (preferred), Ubuntu, Debian, or Parrot OS.
+- **Permissions**: Root (administrator) access is required. Use `sudo` if you are not logged in as root.
+- **Internet Connection**: Required to download dependencies.
+
+---
+
+## Native Installation
+
+This is the standard installation method for Kali Linux, Ubuntu, and Debian systems.
+
+### Step 1: Clone the Repository
+Open your terminal (command prompt) and run the following command to download the **UltyScan** code to your computer.
+
+```bash
+git clone https://github.com/1N3/Sn1per
+```
+*Note: This creates a folder named `Sn1per`. You can rename it to `UltyScan` if you wish, but the internal scripts expect standard paths.*
+
+### Step 2: Navigate to the Directory
+Move into the downloaded folder:
+
+```bash
+cd Sn1per
+```
+
+### Step 3: Run the Installer
+Run the installation script. This script will automatically download and install all necessary tools and dependencies.
+
+**Warning**: This process can take a while (10-30 minutes) depending on your internet speed, as it installs many security tools.
+
+```bash
+sudo bash install.sh
+```
+
+### Step 4: Verification
+Once the script finishes, verify the installation by running the scanner's help command:
+
+```bash
+sudo sniper --help
+```
+If you see the help menu with the logo, the installation was successful!
+
+---
+
+## Docker Installation
+
+If you are not using Kali/Debian, or prefer a containerized environment, use Docker. This keeps your host system clean.
+
+### Prerequisites
+- Ensure **Docker** and **Docker Compose** are installed on your system.
+    - [Install Docker Engine](https://docs.docker.com/engine/install/)
+    - [Install Docker Compose](https://docs.docker.com/compose/install/)
+
+### Option A: Kali Linux Container (Recommended)
+
+1.  **Start the container**:
+    From within the `Sn1per` directory, run:
+    ```bash
+    sudo docker compose up -d
+    ```
+    *The `-d` flag runs it in the background.*
+
+2.  **Access the container**:
+    To start using the scanner, enter the interactive shell:
+    ```bash
+    sudo docker run --privileged -it sn1per-kali-linux /bin/bash
+    ```
+
+3.  **Run the tool**:
+    Inside the container, you can run:
+    ```bash
+    sniper --help
+    ```
+
+### Option B: BlackArch Container
+
+If you prefer BlackArch Linux:
+
+1.  **Start the container**:
+    ```bash
+    sudo docker compose -f docker-compose-blackarch.yml up -d
+    ```
+
+2.  **Access the container**:
+    ```bash
+    sudo docker run --privileged -it sn1per-blackarch /bin/bash
+    ```
+
+---
+
+## Troubleshooting
+
+### "Command not found"
+If running `sniper` says command not found:
+- Ensure you ran the install script as root (`sudo bash install.sh`).
+- Try running it directly from the installation directory:
+  ```bash
+  cd /usr/share/sniper
+  ./sniper --help
+  ```
+
+### Dependency Errors
+If the installer fails on a specific package:
+1.  Run `sudo apt update --fix-missing`
+2.  Run `sudo apt upgrade`
+3.  Re-run `./install.sh`
+
+### Docker "Permission Denied"
+If you get permission errors with Docker, ensure your user is in the `docker` group or use `sudo` before docker commands.
+
+---
+[Return to README](../README.md)

docs/usage.md

@@ -0,0 +1,130 @@
+# Usage Guide
+
+This guide covers how to use **UltyScan** effectively. The tool works by running the `sniper` command followed by a target and a mode.
+
+## Basic Syntax
+
+```bash
+sudo sniper -t <TARGET> -m <MODE> [OPTIONS]
+```
+
+- `-t <TARGET>`: The domain (e.g., `example.com`) or IP address (e.g., `192.168.1.1`) you want to scan.
+- `-m <MODE>`: The scanning mode (e.g., `normal`, `stealth`, `nuke`). if omitted, defaults to normal.
+- `-w <WORKSPACE>`: (Optional) Save results to a specific workspace name.
+
+---
+
+## Scanning Modes
+
+### 1. Normal Mode
+**Best for:** General purpose scanning.
+Performs a basic scan of targets and open ports using both active and passive checks. It balances speed and depth.
+
+**Command:**
+```bash
+sudo sniper -t example.com
+```
+*Note: If no mode is specified, Normal mode is used.*
+
+### 2. Stealth Mode
+**Best for:** Avoiding detection.
+Quickly enumerates targets using mostly non-intrusive scans to avoid WAF (Web Application Firewall) or IPS (Intrusion Prevention System) blocking.
+
+**Command:**
+```bash
+sudo sniper -t example.com -m stealth
+```
+
+### 3. Flyover Mode
+**Best for:** High-level overview of multiple targets.
+Fast, multi-threaded scans of multiple targets. Great for collecting high-level data (like taking screenshots of web pages) on many hosts quickly.
+
+**Command:**
+```bash
+sudo sniper -f targets.txt -m flyover -w my-flyover-scan
+```
+
+### 4. Airstrike Mode
+**Best for:** Quick enumeration of a list of targets.
+Quickly enumerates open ports and services on multiple hosts and performs basic fingerprinting.
+
+**Command:**
+```bash
+sudo sniper -f targets.txt -m airstrike
+```
+*Note: `targets.txt` should contain a list of IPs or domains, one per line.*
+
+### 5. Nuke Mode
+**Best for:** COMPLETE DESTRUCTION (Deep Audit).
+Launches a full audit of multiple hosts. This enables Brute-force, Full Port Scan, OSINT, Recon, Workspace, and Loot collection. **This is very loud and will likely lock accounts or trigger alarms.**
+
+**Command:**
+```bash
+sudo sniper -f targets.txt -m nuke -w my-nuke-scan
+```
+
+### 6. Discover Mode
+**Best for:** Internal Networks.
+Parses all hosts on a subnet (CIDR) and initiates a scan against each active host.
+
+**Command:**
+```bash
+sudo sniper -t 192.168.1.0/24 -m discover -w internal-scan
+```
+
+### 7. Web Mode
+**Best for:** Web Application focus.
+Adds full automatic web application scans to the results. Scans ports 80 (HTTP) and 443 (HTTPS) only.
+
+**Command:**
+```bash
+sudo sniper -t example.com -m web
+```
+
+---
+
+## Workspace Management
+
+UltyScan saves all data into "Workspaces" to keep your scans organized.
+
+### Creating/Using a Workspace
+Simply add `-w <NAME>` to any command.
+```bash
+sudo sniper -t example.com -w project-alpha
+```
+
+### Listing Workspaces
+See all your current workspaces.
+```bash
+sudo sniper --list
+```
+
+### Deleting a Workspace
+Remove a workspace and all its data.
+```bash
+sudo sniper -w project-alpha -d
+```
+
+### Viewing Reports
+To open the HTML report for a workspace:
+```bash
+sudo sniper --list
+```
+Then select the report HTML file from the output or navigate to:
+`/usr/share/sniper/loot/workspace/<YOUR_WORKSPACE>/sniper-report.html`
+
+---
+
+## Advanced Options
+
+| Flag | Description |
+| :--- | :--- |
+| `-o` / `--osint` | Enable OSINT (Open Source Intelligence) gathering. |
+| `-re` / `--recon` | Enable Reconnaissance gathering. |
+| `-b` | Enable Brute-force attacks (automatically tries passwords). |
+| `-fp` | Full Port Only scan (scans all 65535 ports). |
+| `--status` | Check the status of running scans. |
+| `-u` / `--update` | Update **UltyScan** to the latest version. |
+
+---
+[Return to README](../README.md)