
Barcha is your Swiss‑Army knife for SQL Injection reconnaissance 🔍. Written in Go, it automates:
📡 Shodan Dork: hostname:"*.example.com" -403 -503 -http.title:"Invalid URL" -302 -404
🖧 Reverse DNS: IP → hostname, skips amazonaws NAT addresses
🛠️ Ghauri Integration: ghauri -u --random-agent --confirm --force-ssl --level=3 --dbs --dump --batch
📊 History: Logs into barcha_history.db
📸 Screenshots

Figure 1. Per‑host SQLi testing via Ghauri.

Figure 2. Live host detection & redirect checks.
PATH SHODAN_API_KEY go install github.com/S1N6H/Barcha@latest
🏃 Usage Export your Shodan key
export SHODAN_API_KEY="YOUR_SHODAN_API_KEY" Run Barcha
./barcha
Enter your target domain when prompted (e.g. example.com)
Watch it go! 🎉
$ claude mcp add Barcha \
-- python -m otcore.mcp_server <graph>