Sigurlfind3R is a passive reconnaissance tool, it fetches known URLs from AlienVault’s OTX, Common Crawl, URLScan, Github and the Wayback Machine.
Usage
sigurlfind3r -h
This will display help for the tool.
() _ _ _ _ _ | |/ ()_ | | / _
/ | |/ | | | | '__| | |_| | '_ \ / _ | | | ‘|
__ \ | (| | || | | | | | | | | | (| |) | | |/|_, |__,|| ||| ||| ||_,|/|_| v1.2.0
|/
USAGE:
sigurlfind3r [OPTIONS]
OPTIONS:
-d, –domain domain to fetch urls for
-eS, –exclude-sources comma(,) separated list of sources to exclude
-f, –filter URL filtering regex
-iS, –include-subs include subdomains’ urls
-lS, –list-sources list all the available sources
-nC, –no-color no color mode
-s –silent silent mode: output urls only
-uS, –use-sources comma(,) separated list of sources to use
Examples
Basic
sigurlfind3r -d tesla.com
Include Subdomains
sigurlfind3r -d tesla.com -is
Regex filter out URLs
sigurlfind3r -d tesla.com -f “.(jpg|jpeg|gif|png|ico|css|eot|tif|tiff|ttf|woff|woff2)”
Installation
From Binary
You can download the pre-built binary for your platform from this repository’s releases page, extract, then move it to your $PATHand you’re ready to go.
sigurlfind3r requires go1.14+ to install successfully. Run the following command to get the repo
GO111MODULE=on go get -u -v github.com/signedsecurity/sigurlfind3r/cmd/sigurlfind3r
git clone https://github.com/signedsecurity/sigurlfind3r.git && \
cd sigurlfind3r/cmd/sigurlfind3r/ && \
go build; mv sigurlfind3r /usr/local/bin/ && \
sigurlfind3r -h
Post Installation
sigurlfind3r will work after installation. However, to configure sigurlfind3r to work with certain services – currently github – you will need to have setup API keys. The API keys are stored in the $HOME/.config/sigurlfind3r/conf.yaml file – created upon first run – and uses the YAML format. Multiple API keys can be specified for each of these services.
Example:
version: 1.1.0
sources:
– commoncrawl
– github
– otx
– urlscan
– wayback
keys:
github:
– d23a554bbc1aabb208c9acfbd2dd41ce7fc9db39
– asdsd54bbc1aabb208c9acfbd2dd41ce7fc9db39
This repo contains all variants of information security & Bug bounty & Penetration Testing write-up…
site:*/sign-in site:*/account/login site:*/forum/ucp.php?mode=login inurl:memberlist.php?mode=viewprofile intitle:"EdgeOS" intext:"Please login" inurl:user_login.php intitle:"Web Management Login" site:*/users/login_form site:*/access/unauthenticated site:account.*.*/login site:admin.*.com/signin/…
Matrix is an open network for secure and decentralized communication. Users from every Matrix homeserver…
Linux Security And Monitoring Scripts are a collection of security and monitoring scripts you can…
A fiber is a unit of execution that must be manually scheduled by the application…
XSS Exploitation Tool is a penetration testing tool that focuses on the exploit of Cross-Site…