MCPcopy Index your code
hub / github.com/1hehaq/shef

github.com/1hehaq/shef @v2.2.1

Chat with this repo
repository ↗ · DeepWiki ↗ · release v2.2.1 ↗ · + Follow
12 symbols 32 edges 1 files 0 documented · 0%
What it actually does AI analysis from the code graph — generated when you open this
loading…
README

shef

[!NOTE] shef is a minimal tool for bringing facets into your terminal without any API key.

  • supports All kind of shodan query (those which only supported on facet)
  • extracts multiple facets (Use -list flag to see all facet types)
  • rotates random User-Agent
  • clean and pipe friendly output

Installation

go install github.com/1hehaq/shef@latest
setup autocomletion for facet names
echo -e "complete -W '\$(shef -list)' shef" >> ~/.bashrc && source ~/.bashrc
  • then try this bash shef -q nginx -f <TAB> bash shef -q nginx -f http.<TAB>

Flags

  -q    : search query (required)
  -f    : facet type (default: ip)
  -list : list all facet types
  -json : stdout in JSON format
  -h    : show help message

help

Example Commands

# get specific target's IPs and take web screenshots then view the images in terminal
shef -q org:tesla -f ip | sed 's/^/http:\/\//' | klik && yazi screenshots

klik yazi

# get related/own domains of the query, sometime it exposes internal portals (they shouldn't be same root domain)
shef -q hackerone.com -f domain # chain it with amass for getting more wide attack surfaces

# same for ports
shef -q hackerone.com -f port
# gets asn number(s) of the query then asn lookup with asnmap
asnmap -asn $(shef -q hackerone.com -f asn) # loop it if multiple asn numbers gets as shef's result

asnmap

# gets relative domains and probe {title, IP, status code} then filter non 403 only (sometime, it shows real IPs, non WAF areas)
shef -q hackerone -f domain | httpx -sc -ip -title -silent | grep -vE '403|Cloudflare|Access Denied|Not Allowed'

httpx

# find known vulnerabilities of a product
shef -q "product:jboss" -f vuln
  • If you see no results or errors
  • verfiy your query
  • check your internet connection
  • use -h for guidance

[!CAUTION] never use shef for any illegal activites, I'm not responsible for your deeds with it. Do for justice.

kindly for hackers

GitHub X

Core symbols most depended-on inside this repo

displayHelp
called by 2
main.go
cleanMessage
called by 2
main.go
parseFlags
called by 1
main.go
displayVersion
called by 1
main.go
performUpdate
called by 1
main.go
displayFacets
called by 1
main.go
searchShodan
called by 1
main.go
fetchPage
called by 1
main.go

Shape

Function 12

Languages

Go100%

Modules by API surface

main.go12 symbols

For agents

$ claude mcp add shef \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact