View Issue Details
|New Tool Requests
|have not tried
DirGrep is a Bash script designed to simplify and combine the process of directory fuzzing and keyword searching within a specified domain. It leverages Gobuster for directory fuzzing and curl for sending HTTP requests.
Can be useful in CTFs searching for keywords on a domain, or searching for statements that could represent a vulnerability on the domain you're scanning
-d domain: Specify the domain to fuzz.
-c cookie: Specify a custom cookie to be used with curl requests (optional) (e.g -c NAME:VALUE).
-h, -help: Show the help message.
EXIT: Exit the tool.
RESCAN: Rescan the domain using the same wordlist.
Leave the URL field blank to proceed with the last scanned domain.
Script will dump a lot of messy log files to /tmp. To protect from information disclosure, chmod 600 is ran on these files. If you want these log files for some reason, you can modify Constants on the script with your desired directory.
Saving results to a text file will always write to the working directory
Download: curl -sL https://raw.githubusercontent.com/sockykali/DirGrep/main/DirGrep.sh | tr -d '\r' > DirGrep.sh
Similar tools: I'm not aware of any that integrate enumeration and keyword searching, but this tool relies on dirbuster, grep and curl in conjunction with eachother
Activity: Began 3 months ago. Still working on V1.1 and awaiting feedback from users. Will be updated as time goes on to add new features but no major errors or issues occur with the tool. Everything functions as it should
I got temporarily blocked probably because I uploaded this script, and also seems to be blocking me from including the quickstart command here, so please view the script on the it's repo - https://github.com/sockykali/DirGrep
Super open to any feedback, suggestions, improvements, anything you might have. Thanks for taking a look!