sigurlfind3r - passive reconnaissance tool for known URLs discovery - Penetration Testing Tools, ML and Linux Tutorials

superior_hosting_service

A passive reconnaissance tool for known URLs discovery – it gathers a list of URLs passively using various online sources.

Features

Fetches known URLs from AlienVault’s OTX, Common Crawl, URLScan, Github and the Wayback Machine.
Fetches disallowed paths from robots.txt found on your target domain and snapshotted by the Wayback Machine.
Regex filter URLs.
Save output to file.

Installation

From Binary

You can download the pre-built binary for your platform from this repository’s releases page, extract, then move it to your $PATHand you’re ready to go.

From Source

sigurlfind3r requires go1.14+ to install successfully. Run the following command to get the repo

GO111MODULE=on go get -u -v github.com/signedsecurity/sigurlfind3r/cmd/sigurlfind3r

From Github

git clone https://github.com/signedsecurity/sigurlfind3r.git && \
cd sigurlfind3r/cmd/sigurlfind3r/ && \
go build; mv sigurlfind3r /usr/local/bin/ && \
sigurlfind3r -h

Post Installation

sigurlfind3r will work after installation. However, to configure sigurlfind3r to work with certain services – currently github – you will need to have setup API keys. The API keys are stored in the $HOME/.config/sigurlfind3r/conf.yaml file – created upon first run – and uses the YAML format. Multiple API keys can be specified for each of these services.

Example:

version: 1.4.0
sources:
    - commoncrawl
    - github
    - otx
    - urlscan
    - wayback
    - waybackrobots
keys:
    github:
        - d23a554bbc1aabb208c9acfbd2dd41ce7fc9db39
        - asdsd54bbc1aabb208c9acfbd2dd41ce7fc9db39

Usage

DiSCLAIMER: fetching urls from github is a bit slow.

sigurlfind3r -h

This will display help for the tool.

     _                  _  __ _           _ _____
 ___(_) __ _ _   _ _ __| |/ _(_)_ __   __| |___ / _ __
/ __| |/ _` | | | | '__| | |_| | '_ \ / _` | |_ \| '__|
\__ \ | (_| | |_| | |  | |  _| | | | | (_| |___) | |
|___/_|\__, |\__,_|_|  |_|_| |_|_| |_|\__,_|____/|_| 1.4.0
       |___/

USAGE:
  sigurlfind3r [OPTIONS]

OPTIONS:
   -d, --domain            domain to fetch urls for
  -eS, --exclude-sources   comma(,) separated list of sources to exclude
   -f, --filter            URL filtering regex
  -iS, --include-subs      include subdomains' urls
  -lS, --list-sources      list all the available sources
  -nC, --no-color          no color mode
   -s  --silent            silent mode: output urls only
  -uS, --use-sources       comma(,) separated list of sources to use
   -o, --output            output file

Examples

Basic

sigurlfind3r -d tesla.com

Include Subdomains’ URLs

sigurlfind3r -d tesla.com -iS

Regex filter URLs

sigurlfind3r -d tesla.com -f ".(jpg|jpeg|gif|png|ico|css|eot|tif|tiff|ttf|woff|woff2)"

Contribution

Issues and Pull Requests are welcome!

Github Link

Android rootkit and adb shell