redgun-security 1.0.0

package/.github/workflows/security.yml

@@ -0,0 +1,21 @@
+name: Security
+on:
+  push:
+    branches: [main]
+  pull_request:
+
+permissions:
+  contents: write
+  pull-requests: write
+  security-events: write
+
+jobs:
+  redgun:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+      - run: npm ci
+      - run: node bin/redgun.js audit . --ci --min-score 70

package/.redgunignore

@@ -0,0 +1,11 @@
+# Ignore translation files
+**/i18n/**
+**/locales/**
+
+# Ignore test fixtures
+**/fixtures/**
+**/test-data/**
+
+# Ignore by pattern
+*.locale.*
+*.min.js

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 aloc999
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,281 @@
+<p align="center">
+  <pre align="center">
+  ██████╗ ███████╗██████╗  ██████╗ ██╗   ██╗███╗   ██╗
+  ██╔══██╗██╔════╝██╔══██╗██╔════╝ ██║   ██║████╗  ██║
+  ██████╔╝█████╗  ██║  ██║██║  ███╗██║   ██║██╔██╗ ██║
+  ██╔══██╗██╔══╝  ██║  ██║██║   ██║██║   ██║██║╚██╗██║
+  ██║  ██║███████╗██████╔╝╚██████╔╝╚██████╔╝██║ ╚████║
+  ╚═╝  ╚═╝╚══════╝╚═════╝  ╚═════╝  ╚═════╝ ╚═╝  ╚═══╝
+  </pre>
+</p>
+
+<p align="center">
+  <strong>Black-box & white-box security auditor for web applications — HackTricks Enhanced.</strong>
+</p>
+
+<p align="center">
+  <a href="https://github.com/aloc999/redgun/blob/main/LICENSE"><img src="https://img.shields.io/badge/license-MIT-blue" alt="License"></a>
+  <img src="https://img.shields.io/badge/node-%3E%3D18-green" alt="Node">
+  <img src="https://img.shields.io/badge/modules-39-ff4444" alt="Modules">
+  <img src="https://img.shields.io/badge/HackTricks-Enhanced-critical" alt="HackTricks">
+</p>
+
+<br>
+
+## What is RedGun?
+
+RedGun is a security auditing CLI tool that finds vulnerabilities in your web applications. It includes **39 security modules** covering techniques from [HackTricks](https://book.hacktricks.wiki). Two modes:
+
+**Remote scan** (black-box): Give it a URL. It tests your site from the outside — XSS, SQLi, SSRF, CORS, CRLF injection, cache poisoning, host header injection, HTTP request smuggling, GraphQL introspection, path traversal, NoSQL injection, and more.
+
+**Local audit** (white-box): Point it at your project directory. It reads your source code checking for secrets, SSTI, insecure deserialization, prototype pollution, JWT vulnerabilities, command injection, weak crypto, path traversal, and more.
+
+<br>
+
+## Quick start
+
+```bash
+# Install globally
+npm install -g redgun-security
+
+# Interactive mode
+redgun
+
+# Or run directly
+redgun scan https://target.com    # Remote scan (black-box)
+redgun audit .                    # Local audit (white-box)
+redgun audit . --ci               # CI mode (exit code 0 or 1)
+redgun history                    # View saved reports
+redgun modules                    # List all modules
+```
+
+<br>
+
+## Remote Scan Modules (25 — Black-box)
+
+| Module | What it tests | Source |
+|---|---|---|
+| **HTTP Headers** | Missing CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, COOP, CORP, COEP | OWASP |
+| **Exposed Files** | `.env`, `.git/config`, `package.json`, `.DS_Store`, source maps, actuator, swagger, phpinfo, Docker files, backups | HackTricks |
+| **Secrets Detection** | API keys (AWS, Stripe, Firebase, Supabase, OpenAI, Anthropic), tokens, passwords in page source | HackTricks |
+| **XSS Reflected** | 6 payloads × 14 parameters, DOM-based indicators | HackTricks |
+| **SQL Injection** | Error-based, UNION-based, time-based blind across common parameters | HackTricks |
+| **CORS Misconfiguration** | Wildcard + credentials, reflected origin, null origin | HackTricks |
+| **Open Redirect** | 12 redirect parameters tested with external URL | HackTricks |
+| **SSRF** | AWS metadata, internal IPs, localhost, IPv6, decimal IP, file:// protocol | HackTricks |
+| **Host Header Injection** | Reflected host, X-Forwarded-Host poisoning | HackTricks |
+| **HTTP Request Smuggling** | CL.TE probe detection | HackTricks |
+| **CRLF Injection** | Header injection via URL encoding variants | HackTricks |
+| **GraphQL Introspection** | Schema exposure via introspection query at 5 endpoints | HackTricks |
+| **Clickjacking** | Missing X-Frame-Options and frame-ancestors CSP | OWASP |
+| **Cookie Security** | Missing HttpOnly, Secure, SameSite flags | OWASP |
+| **HTTP Methods** | TRACE, PUT, DELETE enabled | HackTricks |
+| **Subdomain Enumeration** | 40+ common subdomains, dangerous subdomain detection | HackTricks |
+| **DNS & Email** | SPF, DKIM, DMARC analysis | HackTricks |
+| **Technology Fingerprint** | 40+ frameworks, servers, and services detected | — |
+| **API Discovery** | Common API paths, auth testing | HackTricks |
+| **SSL/TLS Analysis** | HTTP vs HTTPS detection | OWASP |
+| **Path Traversal / LFI** | Double-encoding, unicode bypass, null byte | HackTricks |
+| **NoSQL Injection** | MongoDB operator injection auth bypass | HackTricks |
+| **WebSocket Security** | Origin validation, authentication checks | HackTricks |
+| **Cache Poisoning** | Unkeyed headers (X-Forwarded-Host, X-Forwarded-Scheme, X-Original-URL) | HackTricks |
+| **Race Conditions** | Detection guidance for concurrent request attacks | HackTricks |
+
+<br>
+
+## Local Audit Modules (14 — White-box)
+
+| Module | What it checks | Source |
+|---|---|---|
+| **Code Secrets** | 25+ secret patterns (AWS, GitHub, Stripe, OpenAI, Anthropic, Discord, Telegram, npm, etc.) with line numbers | HackTricks |
+| **Environment Files** | `.env` in `.gitignore`, real secrets in `.env.example`, sensitive config exposure | OWASP |
+| **Dependencies** | `npm audit` for CVEs, supply-chain attack package detection | OWASP |
+| **Code Vulnerabilities** | SQL injection (template literals), XSS (`v-html`, `dangerouslySetInnerHTML`, `innerHTML`), eval(), ReDoS | HackTricks |
+| **Auth & Middleware** | Rate limiting, CORS wildcards, CSRF protection, session config, JWT expiration, hardcoded passwords | HackTricks |
+| **Headers Config** | CSP/HSTS in Nuxt, Next.js, Vercel, Netlify, Express configs | OWASP |
+| **SSRF Detection** | User-controlled URLs in fetch/axios/request/http.get/urllib | HackTricks |
+| **SSTI Detection** | Jinja2, Twig, Nunjucks, Pug, EJS, Handlebars, Velocity, Freemarker, Thymeleaf | HackTricks |
+| **Insecure Deserialization** | pickle, yaml.load, unserialize, ObjectInputStream, Marshal, BinaryFormatter | HackTricks |
+| **Prototype Pollution** | Object.assign, spread operator, deepmerge, lodash.merge, __proto__ access | HackTricks |
+| **JWT Vulnerabilities** | Algorithm "none", verify disabled, weak secrets, expiration bypass, decode without verify | HackTricks |
+| **Path Traversal / LFI** | User input in file paths, readFile, sendFile, include/require | HackTricks |
+| **Command Injection** | exec, spawn, child_process, system, subprocess with user input, shell interpolation | HackTricks |
+| **Weak Cryptography** | MD5, SHA1, DES, RC4, ECB mode, Math.random, hardcoded keys/IVs | HackTricks |
+
+<br>
+
+## GitHub Action
+
+Add `.github/workflows/security.yml` to your repo:
+
+```yaml
+name: Security
+on:
+  push:
+    branches: [main]
+  pull_request:
+
+permissions:
+  contents: write
+  pull-requests: write
+  security-events: write
+
+jobs:
+  redgun:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: aloc999/redgun@v1
+```
+
+### Inputs
+
+| Input | Description | Default |
+|---|---|---|
+| `path` | Project path to audit | `.` |
+| `min-score` | Minimum score required to pass (0-100) | `70` |
+| `fail-on-score` | Fail the workflow if score is below min-score | `true` |
+| `comment-pr` | Post a comment on pull requests | `true` |
+| `update-badge` | Update the security badge file on push | `true` |
+| `upload-sarif` | Upload SARIF findings to GitHub Code Scanning | `true` |
+
+### Outputs
+
+| Output | Description |
+|---|---|
+| `score` | Security score from 0 to 100 |
+| `grade` | Grade from A to F |
+| `total-findings` | Total number of findings |
+| `critical-findings` | Number of critical findings |
+| `high-findings` | Number of high severity findings |
+
+<br>
+
+## Scoring
+
+Every scan produces a security score from 0 to 100, graded A through F.
+
+| Severity | Score impact | Meaning |
+|---|---|---|
+| **Critical** | -15 | Exploitable vulnerability, immediate action required |
+| **High** | -8 | Serious risk, fix soon |
+| **Medium** | -3 | Moderate risk, fix when possible |
+| **Low** | -1 | Minor risk |
+| **Info** | 0 | Informational, no action needed |
+
+<br>
+
+## Configuration
+
+### CLI options
+
+```bash
+redgun scan                          # Interactive remote scan
+redgun scan https://target.com       # Direct URL scan
+redgun audit .                       # Audit current directory
+redgun audit /path/to/project        # Audit specific project
+redgun audit . --ci                  # CI mode, exit 1 if score < 70
+redgun audit . --ci --min-score 80   # Custom threshold
+redgun audit . --modules secrets,jwt # Run specific modules only
+redgun audit . --sarif               # Generate SARIF output
+redgun history                       # Browse saved reports
+redgun modules                       # List all modules
+```
+
+### Config file (optional)
+
+Create `redgun.config.js` in your project root:
+
+```js
+export default {
+  url: 'https://your-site.com',
+  ignore: ['Firebase API Key'],
+  ci: {
+    minScore: 70,
+    failOnCritical: true,
+  },
+}
+```
+
+### `.redgunignore` (optional)
+
+Create a `.redgunignore` file to exclude files from local audit:
+
+```
+**/i18n/**
+**/locales/**
+*.locale.*
+```
+
+<br>
+
+## HackTricks Techniques Included
+
+RedGun integrates techniques documented in [HackTricks](https://book.hacktricks.wiki):
+
+- **SSRF** — AWS/GCP metadata, internal IP bypass, DNS rebinding indicators
+- **SSTI** — Template engine detection and exploitation patterns
+- **Insecure Deserialization** — Language-specific gadget chain detection
+- **Prototype Pollution** — Object merge sinks and __proto__ injection
+- **JWT Attacks** — Algorithm confusion, none bypass, key brute-force indicators
+- **HTTP Request Smuggling** — CL.TE/TE.CL probe methodology
+- **Cache Poisoning** — Unkeyed header detection and Web Cache Deception
+- **CRLF Injection** — Header injection via encoding variants
+- **GraphQL** — Introspection, batching, query depth abuse
+- **NoSQL Injection** — MongoDB operator injection ($ne, $gt, $regex)
+- **Host Header Injection** — Password reset poisoning, cache poisoning via Host
+- **Path Traversal** — Double encoding, unicode bypass, null byte truncation
+- **Command Injection** — Shell metacharacter injection patterns
+- **Race Conditions** — Single-packet HTTP/2 attack detection guidance
+- **Open Redirect** — OAuth token theft chain detection
+- **Subdomain Takeover** — Dangling CNAME detection
+- **Weak Cryptography** — Deprecated algorithms and hardcoded key detection
+
+<br>
+
+## Project Structure
+
+```
+redgun/
+├── bin/
+│   └── redgun.js                    # CLI entry point
+├── src/
+│   ├── core/
+│   │   ├── findings.js              # Shared findings store
+│   │   ├── score.js                 # A-F score calculator
+│   │   └── reporter/
+│   │       ├── console.js           # Terminal output
+│   │       ├── json.js              # JSON + SARIF export
+│   │       └── html.js              # HTML report
+│   ├── local/                       # White-box modules (14)
+│   │   ├── index.js                 # Module orchestrator
+│   │   ├── secrets.js               # Source code secrets
+│   │   ├── env.js                   # .env audit
+│   │   ├── dependencies.js          # npm audit + supply chain
+│   │   ├── code-vulnerabilities.js  # SQLi, XSS, eval, ReDoS
+│   │   ├── auth.js                  # Auth & middleware
+│   │   ├── headers-config.js        # CSP/HSTS config
+│   │   ├── ssrf.js                  # SSRF detection
+│   │   ├── ssti.js                  # SSTI detection
+│   │   ├── deserialization.js       # Insecure deserialization
+│   │   ├── prototype-pollution.js   # Prototype pollution
+│   │   ├── jwt.js                   # JWT vulnerabilities
+│   │   ├── path-traversal.js        # LFI/path traversal
+│   │   ├── command-injection.js     # OS command injection
+│   │   └── crypto.js               # Weak cryptography
+│   └── utils/
+│       ├── fetch.js                 # HTTP with timeout
+│       └── patterns.js              # Shared regex patterns
+├── scan.js                          # Remote scan engine (25 modules)
+├── action.yml                       # GitHub Action definition
+├── .github/workflows/security.yml
+└── package.json
+```
+
+<br>
+
+## License
+
+MIT. See [LICENSE](LICENSE).
+
+This tool is intended for authorized security testing only. You are solely responsible for how you use it.

package/action.yml

@@ -0,0 +1,67 @@
+name: 'RedGun Security Audit'
+description: 'Black-box & white-box security auditor with HackTricks techniques'
+author: 'aloc999'
+branding:
+  icon: 'shield'
+  color: 'red'
+
+inputs:
+  path:
+    description: 'Project path to audit'
+    default: '.'
+  min-score:
+    description: 'Minimum score required to pass (0-100)'
+    default: '70'
+  fail-on-score:
+    description: 'Fail the workflow if score is below min-score'
+    default: 'true'
+  comment-pr:
+    description: 'Post a comment on pull requests'
+    default: 'true'
+  update-badge:
+    description: 'Update the security badge file on push'
+    default: 'true'
+  upload-sarif:
+    description: 'Upload SARIF findings to GitHub Code Scanning'
+    default: 'true'
+  badge-path:
+    description: 'Path to the badge JSON file'
+    default: '.github/redgun-badge.json'
+  github-token:
+    description: 'Token used to post comments and commit the badge'
+    default: ${{ github.token }}
+
+outputs:
+  score:
+    description: 'Security score from 0 to 100'
+  grade:
+    description: 'Grade from A to F'
+  total-findings:
+    description: 'Total number of findings'
+  critical-findings:
+    description: 'Number of critical findings'
+  high-findings:
+    description: 'Number of high severity findings'
+  report-path:
+    description: 'Absolute path to the JSON report file'
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Setup Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: '20'
+
+    - name: Install RedGun
+      shell: bash
+      run: |
+        cd ${{ github.action_path }}
+        npm ci --production 2>/dev/null || npm install --production
+
+    - name: Run Audit
+      id: audit
+      shell: bash
+      run: |
+        cd ${{ github.workspace }}
+        node ${{ github.action_path }}/bin/redgun.js audit ${{ inputs.path }} --ci --min-score ${{ inputs.min-score }} --sarif || true

package/bin/redgun.js

@@ -0,0 +1,195 @@
+#!/usr/bin/env node
+
+import { Command } from 'commander';
+import inquirer from 'inquirer';
+import ora from 'ora';
+import chalk from 'chalk';
+import { resolve } from 'path';
+import { existsSync } from 'fs';
+
+import { clearFindings } from '../src/core/findings.js';
+import { calculateScore, getGrade } from '../src/core/score.js';
+import { printBanner, printResults } from '../src/core/reporter/console.js';
+import { exportJson, exportSarif } from '../src/core/reporter/json.js';
+import { exportHtml } from '../src/core/reporter/html.js';
+import { runLocalAudit, LOCAL_MODULES } from '../src/local/index.js';
+import { runRemoteScan } from '../scan.js';
+
+const program = new Command();
+
+program
+  .name('redgun')
+  .description('Black-box & white-box security auditor for web applications (HackTricks Enhanced)')
+  .version('1.0.0');
+
+program
+  .command('scan')
+  .description('Remote scan (black-box) - give it a URL')
+  .argument('[url]', 'Target URL to scan')
+  .option('--modules <modules>', 'Comma-separated list of modules to run')
+  .action(async (url, options) => {
+    printBanner();
+    showDisclaimer();
+
+    if (!url) {
+      const answers = await inquirer.prompt([{
+        type: 'input',
+        name: 'url',
+        message: 'Target URL:',
+        validate: (v) => v.startsWith('http') ? true : 'Must start with http:// or https://',
+      }]);
+      url = answers.url;
+    }
+
+    if (!url.startsWith('http')) url = `https://${url}`;
+
+    clearFindings();
+    const spinner = ora('Starting remote scan...').start();
+
+    try {
+      const modules = options.modules ? options.modules.split(',') : null;
+      await runRemoteScan(url, spinner, modules);
+      spinner.succeed('Remote scan complete');
+    } catch (err) {
+      spinner.fail(`Scan error: ${err.message}`);
+    }
+
+    const { score, grade } = printResults();
+    const jsonPath = exportJson();
+    const htmlPath = exportHtml();
+    console.log(chalk.gray(`  Reports saved: ${jsonPath}`));
+    console.log(chalk.gray(`  HTML report: ${htmlPath}\n`));
+  });
+
+program
+  .command('audit')
+  .description('Local audit (white-box) - point it at your project')
+  .argument('[path]', 'Project path to audit', '.')
+  .option('--ci', 'CI mode - exit 1 if score below threshold')
+  .option('--min-score <score>', 'Minimum score (default: 70)', '70')
+  .option('--modules <modules>', 'Comma-separated list of modules to run')
+  .option('--json', 'Output JSON report')
+  .option('--html', 'Output HTML report')
+  .option('--sarif', 'Output SARIF report')
+  .action(async (projectPath, options) => {
+    printBanner();
+
+    const absPath = resolve(projectPath);
+    if (!existsSync(absPath)) {
+      console.error(chalk.red(`Error: Path does not exist: ${absPath}`));
+      process.exit(1);
+    }
+
+    clearFindings();
+    const spinner = ora('Starting local audit...').start();
+
+    try {
+      const modules = options.modules ? options.modules.split(',') : null;
+      await runLocalAudit(absPath, spinner, modules);
+      spinner.succeed('Local audit complete');
+    } catch (err) {
+      spinner.fail(`Audit error: ${err.message}`);
+    }
+
+    const { score, grade } = printResults();
+
+    const jsonPath = exportJson();
+    console.log(chalk.gray(`  JSON report: ${jsonPath}`));
+
+    if (options.html || !options.ci) {
+      const htmlPath = exportHtml();
+      console.log(chalk.gray(`  HTML report: ${htmlPath}`));
+    }
+
+    if (options.sarif) {
+      const sarifPath = exportSarif();
+      console.log(chalk.gray(`  SARIF report: ${sarifPath}`));
+    }
+
+    console.log('');
+
+    if (options.ci) {
+      const minScore = parseInt(options.minScore, 10);
+      if (score < minScore) {
+        console.error(chalk.red(`  FAILED: Score ${score} is below minimum ${minScore}`));
+        process.exit(1);
+      } else {
+        console.log(chalk.green(`  PASSED: Score ${score} meets minimum ${minScore}`));
+      }
+    }
+  });
+
+program
+  .command('history')
+  .description('View saved scan reports')
+  .action(async () => {
+    const { readdirSync } = await import('fs');
+    const { join } = await import('path');
+    const scansDir = './scans';
+
+    if (!existsSync(scansDir)) {
+      console.log(chalk.yellow('No scan history found.'));
+      return;
+    }
+
+    const files = readdirSync(scansDir).filter((f) => f.endsWith('.json')).sort().reverse();
+    if (files.length === 0) {
+      console.log(chalk.yellow('No scan history found.'));
+      return;
+    }
+
+    console.log(chalk.bold('\n  Scan History:\n'));
+    for (const file of files.slice(0, 20)) {
+      console.log(`  ${chalk.gray('•')} ${file}`);
+    }
+    console.log('');
+  });
+
+program
+  .command('modules')
+  .description('List available scan modules')
+  .action(() => {
+    printBanner();
+    console.log(chalk.bold('\n  Local Audit Modules (White-box):\n'));
+    for (const mod of LOCAL_MODULES) {
+      console.log(`  ${chalk.green('•')} ${mod.name} ${chalk.gray(`[${mod.value}]`)}`);
+    }
+    console.log(chalk.bold('\n  Remote Scan Modules (Black-box):\n'));
+    const remoteModules = [
+      'headers', 'files', 'secrets', 'xss', 'sqli', 'cors', 'redirect',
+      'ssrf', 'hostheader', 'smuggling', 'crlf', 'graphql', 'clickjack',
+      'cookies', 'methods', 'subdomains', 'dns', 'tech', 'api', 'ssl',
+      'lfi', 'nosqli', 'websocket', 'cache', 'race',
+    ];
+    for (const mod of remoteModules) {
+      console.log(`  ${chalk.red('•')} ${mod}`);
+    }
+    console.log('');
+  });
+
+if (process.argv.length <= 2) {
+  printBanner();
+  inquirer.prompt([{
+    type: 'list',
+    name: 'mode',
+    message: 'What would you like to do?',
+    choices: [
+      { name: 'Remote scan (black-box) - scan a URL', value: 'scan' },
+      { name: 'Local audit (white-box) - audit source code', value: 'audit' },
+      { name: 'View scan history', value: 'history' },
+      { name: 'List modules', value: 'modules' },
+    ],
+  }]).then((answers) => {
+    const args = ['node', 'redgun', answers.mode];
+    if (answers.mode === 'audit') args.push('.');
+    program.parse(args);
+  });
+} else {
+  program.parse();
+}
+
+function showDisclaimer() {
+  console.log(chalk.yellow.bold('  ⚠ DISCLAIMER'));
+  console.log(chalk.yellow('  This tool is for authorized security testing only.'));
+  console.log(chalk.yellow('  You are responsible for how you use it.\n'));
+}

package/package.json

@@ -0,0 +1,48 @@
+{
+  "name": "redgun-security",
+  "version": "1.0.0",
+  "description": "Black-box & white-box security auditor for web applications with HackTricks techniques",
+  "type": "module",
+  "main": "scan.js",
+  "bin": {
+    "redgun": "./bin/redgun.js"
+  },
+  "scripts": {
+    "start": "node bin/redgun.js",
+    "scan": "node bin/redgun.js scan",
+    "audit": "node bin/redgun.js audit .",
+    "test": "node --test"
+  },
+  "keywords": [
+    "security",
+    "scanner",
+    "pentest",
+    "vulnerability",
+    "audit",
+    "hacktricks",
+    "xss",
+    "sqli",
+    "ssrf",
+    "ssti",
+    "web-security"
+  ],
+  "author": "aloc999",
+  "license": "MIT",
+  "dependencies": {
+    "chalk": "^5.3.0",
+    "commander": "^12.1.0",
+    "inquirer": "^9.2.23",
+    "ora": "^8.0.1",
+    "puppeteer": "^22.12.0",
+    "node-fetch": "^3.3.2",
+    "glob": "^10.4.2",
+    "table": "^6.8.2"
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/aloc999/redgun"
+  }
+}