Sentinel is a modular, high-performance security scanning framework written in Go. It is designed for authorized security assessments and penetration testing.
- Reconnaissance: Passive subdomain enumeration using Certificate Transparency logs (crt.sh).
- Vulnerability Scanning:
- Missing Security Headers (X-Frame-Options, CSP, etc.)
- Information Disclosure (Server headers)
- Sensitive File Detection (/.git, /.env, /robots.txt, etc.)
- Reporting: JSON output for easy integration with other tools.
- Concurrency: Fast parallel scanning.
Build the tool:
go build -o sentinel ./cmd/sentinelRun a scan:
./sentinel -target example.com -fullOptions:
-target: Target domain (required)-full: Enable full scan (includes sensitive file checks)-concurrency: Number of concurrent workers (default: 10)-output: Output file (default: report.json)
cmd/sentinel: CLI entry point.pkg/recon: Reconnaissance modules (Subdomain enumeration).pkg/scan: Vulnerability detection logic.pkg/report: Reporting handling.
This tool is for educational and authorized testing purposes only. Do not use on systems you do not have permission to test.