docs

Author: sw33tLie

.github/workflows/docker.yml

@@ -9,12 +9,14 @@ on:
       - 'README.md'
       - '*.md'
       - 'website/**'
+      - 'docs/**'
   pull_request:
     branches: [ "main", "refactor/v2" ]
     paths-ignore:
       - 'README.md'
       - '*.md'
       - 'website/**'
+      - 'docs/**'
 
 jobs:
 

.github/workflows/docs.yml

@@ -0,0 +1,42 @@
+name: Deploy Docs
+
+on:
+  push:
+    branches: [main]
+    paths:
+      - 'docs/**'
+
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+concurrency:
+  group: pages
+  cancel-in-progress: true
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install mdBook
+        run: |
+          curl -sSL https://github.com/rust-lang/mdBook/releases/latest/download/mdbook-v0.4.44-x86_64-unknown-linux-gnu.tar.gz | tar -xz
+          chmod +x mdbook
+
+      - name: Build docs
+        run: ./mdbook build docs/
+
+      - name: Upload Pages artifact
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: docs/book
+
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4

.gitignore

@@ -1,4 +1,5 @@
 /bbscope
 /bbscope.*
 *.sqlite
-website/.env
+website/.env
+docs/book/

README.md

@@ -24,6 +24,8 @@
 
 Visit [bbscope.com](https://bbscope.com/) to explore an hourly-updated list of public scopes from all supported platforms, stats, and more!
 
+**[Read the full documentation](https://sw33tlie.github.io/bbscope/)** — installation, CLI reference, database guide, web deployment, library API, and more.
+
 ---
 
 ## ✨ Features
@@ -364,6 +366,29 @@ bbscope poll immunefi
 
 ---
 
+## 📚 Documentation
+
+Full documentation is available at **[sw33tlie.github.io/bbscope](https://sw33tlie.github.io/bbscope/)**.
+
+Covers:
+- **Getting Started** — installation, configuration, quick start
+- **CLI Reference** — all commands, flags, output formatting
+- **Database** — setup, schema, querying, SQL examples
+- **Web Interface** — self-hosting, Docker deployment, REST API
+- **Platforms** — auth setup for each platform
+- **AI Normalization** — configuration, custom endpoints, cost
+- **Library Usage** — using `pkg/polling`, `pkg/platforms`, `pkg/storage`, `pkg/targets` in your own Go projects
+- **Architecture** — project structure, data flow, design decisions
+
+To build the docs locally:
+
+```bash
+cd docs && mdbook serve
+# Opens at http://localhost:3000
+```
+
+---
+
 ## 🌐 bbscope.com (Self-Hosting)
 
 The `website/` folder contains the code powering [bbscope.com](https://bbscope.com/) — a web interface and API for browsing aggregated scopes from all supported platforms.

docs/book.toml

@@ -0,0 +1,11 @@
+[book]
+title = "bbscope Documentation"
+authors = ["sw33tLie"]
+language = "en"
+src = "src"
+
+[output.html]
+default-theme = "navy"
+preferred-dark-theme = "navy"
+git-repository-url = "https://github.com/sw33tLie/bbscope"
+edit-url-template = "https://github.com/sw33tLie/bbscope/edit/main/docs/{path}"

docs/src/SUMMARY.md

@@ -0,0 +1,55 @@
+# Summary
+
+[Introduction](./introduction.md)
+
+# Getting Started
+
+- [Installation](./getting-started/installation.md)
+- [Configuration](./getting-started/configuration.md)
+- [Quick Start](./getting-started/quickstart.md)
+
+# CLI Usage
+
+- [Polling Scopes](./cli/polling.md)
+- [Database Commands](./cli/database.md)
+- [Extracting Targets](./cli/targets.md)
+- [Output Formatting](./cli/output.md)
+
+# Database
+
+- [Setup](./database/setup.md)
+- [Schema & Change Tracking](./database/schema.md)
+- [Querying & Searching](./database/querying.md)
+
+# Web Interface
+
+- [Self-Hosting](./web/self-hosting.md)
+- [Docker Deployment](./web/docker.md)
+- [REST API](./web/api.md)
+- [Background Poller](./web/poller.md)
+
+# Platforms
+
+- [HackerOne](./platforms/hackerone.md)
+- [Bugcrowd](./platforms/bugcrowd.md)
+- [Intigriti](./platforms/intigriti.md)
+- [YesWeHack](./platforms/yeswehack.md)
+- [Immunefi](./platforms/immunefi.md)
+
+# AI Normalization
+
+- [Overview](./ai/overview.md)
+- [Configuration](./ai/configuration.md)
+
+# Using as a Library
+
+- [Overview](./library/overview.md)
+- [Polling Package](./library/polling.md)
+- [Platforms Package](./library/platforms.md)
+- [Storage Package](./library/storage.md)
+- [Targets Package](./library/targets.md)
+
+# Advanced
+
+- [Burp Suite Integration](./advanced/burp.md)
+- [Architecture](./advanced/architecture.md)

docs/src/advanced/architecture.md

@@ -0,0 +1,89 @@
+# Architecture
+
+## Project structure
+
+```
+bbscope/
+├── cmd/                    # CLI commands (Cobra)
+│   ├── root.go             # Root command, global flags
+│   ├── poll.go             # bbscope poll
+│   ├── poll_*.go           # Platform-specific poll subcommands
+│   ├── db.go               # bbscope db
+│   ├── db_*.go             # DB subcommands (stats, changes, find, etc.)
+│   ├── serve.go            # bbscope serve
+│   └── dev.go              # bbscope dev
+├── pkg/                    # Library packages (importable)
+│   ├── platforms/          # Platform interface + implementations
+│   │   ├── platform.go     # PlatformPoller interface
+│   │   ├── hackerone/
+│   │   ├── bugcrowd/
+│   │   ├── intigriti/
+│   │   ├── yeswehack/
+│   │   ├── immunefi/
+│   │   └── dev/
+│   ├── polling/            # Shared polling orchestrator
+│   │   └── polling.go
+│   ├── storage/            # PostgreSQL persistence
+│   │   ├── storage.go      # DB operations
+│   │   ├── types.go        # Entry, Change, UpsertEntry, etc.
+│   │   ├── normalize.go    # Target normalization
+│   │   ├── transform.go    # Aggressive transforms
+│   │   └── extra.go        # Additional queries
+│   ├── scope/              # Core types and category normalization
+│   ├── targets/            # Target extraction (wildcards, domains, etc.)
+│   ├── ai/                 # AI normalization
+│   ├── whttp/              # HTTP client wrapper (retryablehttp)
+│   └── otp/                # TOTP generation
+├── website/                # Web server
+│   ├── pkg/core/           # Server core (routes, handlers, poller)
+│   ├── static/             # CSS, JS, images
+│   ├── docker-compose.yml
+│   └── Dockerfile
+├── internal/
+│   └── utils/              # Logging setup
+└── docs/                   # This documentation (mdBook)
+```
+
+## Data flow
+
+### CLI polling (`bbscope poll --db`)
+
+```
+Platform API
+    ↓ ListProgramHandles()
+    ↓ FetchProgramScope() × N (concurrent workers)
+    ↓
+pkg/polling.PollPlatform()
+    ↓ AI normalize (optional, with DB cache)
+    ↓ BuildEntries()
+    ↓ UpsertProgramEntries() → changes
+    ↓ LogChanges()
+    ↓ OnProgramDone callback → printChanges()
+    ↓
+    ↓ SyncPlatformPrograms() → removed program changes
+    ↓
+stdout (change output)
+```
+
+### Web server (`bbscope serve`)
+
+```
+Background goroutine (every N hours)
+    ↓ buildPollers() from env vars
+    ↓ For each platform (concurrent):
+    │   polling.PollPlatform()
+    ↓ invalidateProgramsCache()
+
+HTTP requests
+    ↓ /api/v1/* → query DB → JSON response (cached)
+    ↓ /programs, /program/* → query DB → HTML (gomponents)
+```
+
+## Key design decisions
+
+- **Platform interface**: All platforms implement `PlatformPoller`. Adding a new platform means implementing 4 methods.
+- **Shared orchestrator**: `pkg/polling` contains the polling logic used by both CLI and web server, avoiding duplication.
+- **Change detection in DB**: `UpsertProgramEntries` does an atomic compare-and-update, returning only what changed.
+- **Safety checks**: Multiple layers prevent accidental data loss (scope wipe detection, platform-level 0-program check).
+- **AI caching**: Normalized targets are stored in `targets_ai_enhanced` so only new/changed targets hit the API.
+- **Category unification**: Platform-specific category names are mapped to a unified set in `pkg/scope`.

docs/src/advanced/burp.md

@@ -0,0 +1,20 @@
+# Burp Suite Integration
+
+bbscope includes a Burp Suite script that checks whether HTTP request targets are in scope by querying the bbscope REST API.
+
+## Setup
+
+1. Start the bbscope web server (or use a hosted instance).
+2. In Burp Suite, load the script from `website/find-scope-burp-action.java`.
+3. Configure the script to point to your bbscope instance URL.
+
+## How it works
+
+The script intercepts HTTP requests in Burp and checks each hostname against the bbscope API's wildcard/domain list. If the target matches an in-scope entry, it's flagged accordingly.
+
+This is useful for passive scope validation during testing — you can see at a glance whether a target you're interacting with is actually in scope for a bug bounty program.
+
+## Requirements
+
+- A running bbscope web server with the REST API accessible
+- Programs polled and stored in the database

docs/src/ai/configuration.md

@@ -0,0 +1,56 @@
+# AI Normalization — Configuration
+
+## Config file
+
+```yaml
+ai:
+  api_key: "sk-..."
+  model: "gpt-4.1-mini"       # default
+  # provider: "openai"         # default
+  # endpoint: ""               # custom OpenAI-compatible endpoint
+  # max_batch: 0               # items per API call (0 = auto)
+  # max_concurrency: 0         # parallel API calls (0 = auto)
+  # proxy: ""                  # HTTP proxy for AI API calls
+```
+
+## Environment variable fallback
+
+If `ai.api_key` is not set in the config, bbscope falls back to the `OPENAI_API_KEY` environment variable.
+
+For the web server, use:
+
+```
+OPENAI_API_KEY=sk-...
+OPENAI_MODEL=gpt-4.1-mini
+```
+
+## Usage
+
+### CLI
+
+```bash
+bbscope poll --db --ai
+```
+
+The `--ai` flag only works with `--db`. Without a database, there's nowhere to store the normalized results.
+
+### Web server
+
+If `OPENAI_API_KEY` is set, AI normalization is automatically enabled for the background poller. Check the `/debug` page to confirm.
+
+## Custom endpoints
+
+For self-hosted or alternative OpenAI-compatible APIs (e.g., Ollama, vLLM, Azure OpenAI), set the endpoint:
+
+```yaml
+ai:
+  api_key: "your-key"
+  endpoint: "http://localhost:11434/v1"
+  model: "llama3"
+```
+
+## Cost considerations
+
+- Only **new or changed** targets are sent to the API. Previously normalized targets are loaded from the database cache.
+- The default model (`gpt-4.1-mini`) is cost-effective for this use case.
+- Batch size and concurrency can be tuned with `max_batch` and `max_concurrency` if needed.

docs/src/ai/overview.md

@@ -0,0 +1,34 @@
+# AI Normalization — Overview
+
+Bug bounty platforms often have messy scope entries. Targets might look like:
+
+- `*.example.com (main website)` instead of `*.example.com`
+- `https://app.example.com/api/v2 - REST API` instead of `https://app.example.com/api/v2`
+- `All subdomains of example.com` instead of `*.example.com`
+
+AI normalization uses an LLM (OpenAI-compatible API) to clean these up automatically.
+
+## What it does
+
+1. **Cleans up entries** — strips descriptions, comments, and formatting artifacts from target strings.
+2. **Handles wildcards** — converts "All subdomains of X" to `*.X`.
+3. **Classifies scope intent** — determines if a messy entry is a wildcard, URL, domain, etc.
+4. **Normalizes categories** — maps platform-specific category names to unified ones.
+5. **Caches results** — stores AI outputs in the `targets_ai_enhanced` database table. Only new/changed targets are sent to the API on subsequent polls, avoiding redundant API calls and costs.
+
+## How it looks
+
+In the web UI, the program detail page has an "AI / Raw" toggle to switch between views.
+
+In the CLI with `--db`, changes show the mapping:
+
+```
+🆕  h1  https://hackerone.com/program  *.example.com (main site) -> *.example.com
+```
+
+## Requirements
+
+- A database (`--db` flag)
+- An OpenAI-compatible API key
+
+See [Configuration](./configuration.md) for setup.