r0x4r / garud

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

License: MIT License

Shell 87.82% Dockerfile 12.18%
bugbounty bugbountytips bugbounty-tool reconnaissance subdomain-takeover golang bash-script penetration-testing penetration-testing-tools garud

garud's Introduction

 

package main

import (
	"fmt"
)

type About map[string]string

func main() {
	for k, v := range GetAbout() {
		fmt.Printf("%+v: %+v\n", k, v)
	}
}

func GetAbout() About {
	return About{
		// Each entry needs a key and a value; Printf joins them with ": ".
		"- About":       "I am a Cyber Security Enthusiast and a Hacker with an Ethical mindset. I'm having experience in Web-app security, Mobile app security, API security, Vulnerability Assessment & Penetration Testing.",
		"- Known Tools": "I am experienced with tools like BurpSuite, acunetix, Nmap, and of course with Kali Linux & some GitHub open source tools like Amass, Aquatone, etc many more for finding the vulnerabilities in the web application and mobile application.",
		"- Frequently":  "I have also made some scripts for the infosec community which helps beginners to find low-hanging bugs. I have frequently found account takeover, injections, privilege escalation, etc vulnerabilities on many programs.",
	}
}
$ ./experience
--------------------------------------------------------
I have secured over 60+ companies, which include some big tech companies like Google, Nokia, TripAdvisor,
SAP Concur, Dell Technologies, Seagate, Mastercard, Netgear, and many more. Also, I have 2 years of
experience in WordPress Development and Graphics Designing. I have made 12+ websites using WordPress
and also edit and make graphics as my side hobby.

Mostly used languages

Bash                     5 commits           ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓░░   94% 
Go                       1 commits           ░░░░░░░░░░░░░░░░░░░░   2.35%
Python                   0 commits           ░░░░░░░░░░░░░░░░░░░░   2%  
HTML                     3 commits           ░░░░░░░░░░░░░░░░░░░░   1% 
Others                   n commits           ░░░░░░░░░░░░░░░░░░░░   0.35%

garud's People

Contributors

f8al, frost19k, hangyakuzero, kathanp19, r0x4r, simrotion13, theamanrawat

garud's Issues

Payload file name mismatch?

Lines 11 & 12 in install.sh read as:

mv payloads/lfi.txt ~/tools/payloads/
mv payloads/ssti.txt ~/tools/payloads/

However lines 199 & 200 in garud read:

cat ~/tools/payloads/sstipayloads.txt | while read -r line; do cat domains/patterns/ssti.txt | qsreplace "$line" 2> /dev/null | anew -q temporary/ssti.txt;done
cat ~/tools/payloads/lfipayloads.txt | while read -r line; do cat domains/patterns/lfi.txt | qsreplace "$line" 2> /dev/null | anew -q temporary/lfi.txt;done

This produces a file not found error.

Not sure if it's a file name mismatch or whether lfipayloads.txt & sstipayloads.txt are distinct from lfi.txt & ssti.txt

Stuck at the crawling part - Gospider.txt output: unknown flag: --js

Hello guys,

I installed Garud on a Kali Linux VM, and when I run the command, I can't get it going more than the crawling part. It gets stuck at the crawling part, and I managed to find the following in gospider.txt (from the output of the scan):
unknown flag: --js
Which is the reason that it gets stuck at the crawling part, I suppose.

Looking at the garud code, I found the line that causes the problem:
gospider -S enumeration/liveurls.txt -d 10 -c 20 -t 50 -K 3 --no-redirect --js -a -w --blacklist ".(eot|jpg|jpeg|gif|css|tif|tiff|png|ttf|otf|woff|woff2|ico|svg|txt)" --include-subs -q -o enumeration/temp/gospider 2> /dev/null | anew -q enumeration/parameters/gospider.txt && rm -rf out/ &> /dev/null

Can anyone help?
Is this something that has to do with a flag regarding gospider?
I couldn't find any --js flag among gospider's flags.

Script gets stuck at execution of amass command

Hello, I modified the script and removed all 2> /dev/null references to debug the issue and noticed that the script gets stuck where the amass line executes (this is causing the script to not complete):

suggest

It would be even better if Garud could support the output of HTML reports.

Add more features

Add some more subdomain-enumeration tools, also add js-file enumeration and some additional features.

crawling issue

"domains/endpoints.txt" file not found or doesn't contain anything"

error

[FTL] Could not create runner: could not parse provider config file: yaml: unmarshal errors:
line 9: cannot unmarshal !!bool true into []*discord.Options

After installation it is giving me error as below.

After installation I have just run the command like

Garud -d target.com -f target

Error output
[FTL] Could not create output file 'vulnerabilities/target-takeovers.txt': open vulnerabilities/target-takeovers.txt: no such file or directory

Why is it showing me error like this?

Stuck at subdomain scanning

This is my first time using the tool.
I just get stuck at subdomain scanning. I tried to leave it for about 3 hours and it was still stuck at the same phase. I can't even cancel it by hitting Ctrl+C; it won't cancel until I close my VPS window.

Any ideas where the problem is?
Thanks in advance.

Is this normal ?

Hello there

Is this normal because it takes a very long time?

FTL could not create runner, file doesn't exist: how do I fix this if it's a bug


Bad interpreter /bin/bash^M

Hello,

After trying to install Garud, here's the error I got :
bash: ./install.sh : /bin/bash^M : bad interpretor: No such file or directory

What I've done to fix :
sed -i -e 's/\r$//' install.sh

After applying my fix, it worked.

integration with https://xsshunter.com issues

Hello,
Is there any configuration necessary for the tool to work with xsshunter.com?

I tried garud -d hackerone.com -f hackerone -b MYDOMAINthere.xss.ht however I didn't receive the appropriate return.

I tested an HTML file with the payloads in xsshunter.com and it worked well by itself.

install.sh problems

install.sh line 45 :
cd ~/tools/ && wget https://github.com/projectdiscovery/httpx/releases/download/v1.0.6/httpx_1.0.6_linux_386.tar.gz && tar -xvf httpx_1.0.3_linux_386.tar.gz && mv httpx /usr/bin/

Should be
cd ~/tools/ && wget https://github.com/projectdiscovery/httpx/releases/download/v1.0.6/httpx_1.0.6_linux_386.tar.gz && tar -xvf httpx_1.0.6_linux_386.tar.gz && mv httpx /usr/bin/

No Results

Hey,
I have installed all the dependencies but still whenever I run it on any target there is no result at all. Can you guide me what the issue seems to be?

no such file directory

getting this error while installing
zsh: ./install.sh: bad interpreter: /bin/bash^M: no such file or directory

Failed while testing for xss

Hey bro,

while running the test it returned failed to dev/null
And this directory not found /vulnerabilities/injection/xss.txt

Add verbosity to Garud's output

Problem Description:
Currently Garud does not print STDOUT or STDERR from any tool. Which is to say that its working is opaque.
Given that some commands can take up to 50 minutes to complete (line 141), this causes confusion among users about whether Garud is actually doing anything. Further, if something goes wrong then users cannot post error messages when opening issues, making the maintainer's job more difficult.

Proposed solution:
Make Garud more verbose.
A simple message to STDOUT about what is happening behind the scenes & whether or not it succeeded.

Example:

red="\e[31m"
green="\e[32m"
bold="\e[1m"
normal="\e[0m"

success="[${green}done${normal}]"
failure="[${red}error${normal}]"

if [ ! -f tmp/crt.txt ] || [ ! -s tmp/crt.txt ]; then
    echo -n "Quering https://crt.sh..."
    curl -s "https://crt.sh/?q=%25.$domain&output=json" | jq -r '.[].name_value' 2>/dev/null | sed 's/\*\.//g' | sort -u | grep -o "\w.*$domain" | anew -q tmp/crt.txt
    status=("${PIPESTATUS[@]}")  #> Capture the return codes at once; the next command overwrites PIPESTATUS
    sum=0; for rc in "${status[@]}"; do sum=$((sum + rc)); done
    if [ "$sum" -gt 0 ]; then  #> If the sum of return codes from all commands in the pipe is greater than zero (i.e. an error occurred somewhere)
        echo -e "${failure}"
    else
        echo -e "${success}"
    fi
fi

Output will look like this.

# When run...
Starting subdomain enumeration of hackerone.com
Quering https://crt.sh...
# On completion
Starting subdomain enumeration of hackerone.com
Quering https://crt.sh...[done]

Pros:
This code adds transparency while maintaining the clean look of Garud's output.

Cons:
The code balloons each line 9x - which would make the script nearly unmaintainable!


Given that each command is unique in its input, output, & operation, I cannot determine a pattern which allows for functionalising the code above.

@R0X4R thoughts?
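
One way to factor the done/error pattern from the issue above into a single wrapper, as an added example that is not part of the issue or of Garud's code. `run_step`, `LOG_DIR` and the `step_*` functions are hypothetical names, and the sample steps use constructed inline data instead of network calls.

```bash
#!/usr/bin/env bash
# Added example, not Garud's code. run_step, LOG_DIR and the step_* functions
# are hypothetical names; the sample steps use constructed inline data.

LOG_DIR="${LOG_DIR:-./logs}"

# Fail a step when any command in its pipe fails (enabled where supported).
(set -o pipefail) 2>/dev/null && set -o pipefail

# run_step LABEL FUNC [ARGS...]
# Prints "LABEL...[done]" or "LABEL...[error]", keeps the step's stderr in
# $LOG_DIR/FUNC.err and returns the step's exit status.
run_step() {
    _label=$1; _func=$2; shift 2
    mkdir -p "$LOG_DIR"
    printf '%s...' "$_label"
    if "$_func" "$@" 2>"$LOG_DIR/${_func}.err"; then
        printf '[\033[32mdone\033[0m]\n'
    else
        _rc=$?
        printf '[\033[31merror\033[0m] exit %s, stderr in %s\n' \
            "$_rc" "$LOG_DIR/${_func}.err"
        return "$_rc"
    fi
}

# Each tool invocation becomes a small function; only its body differs.
step_sort_subdomains() {   # constructed input instead of a crt.sh query
    printf 'b.example.test\na.example.test\na.example.test\n' | sort -u > "$1"
}
step_missing_input() {     # cat fails; the final sort alone would exit 0
    cat /nonexistent/garud-demo.txt | sort -u > "$1"
}

# Demo: one step that succeeds and one whose first pipe stage fails.
demo() {
    _tmp=$(mktemp -d)
    LOG_DIR="$_tmp/logs"
    run_step "Sorting sample subdomains" step_sort_subdomains "$_tmp/subs.txt"
    run_step "Reading a missing file" step_missing_input "$_tmp/none.txt" || true
}
demo
```

With this shape each tool costs one function plus one `run_step` call, and the stderr that was sent to /dev/null stays in a per-step file that can be attached to a bug report.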

issue with install script

┌──(root💀kali)-[~/Tools/Garud]
└─# sh install.sh
: not found 3:
: not found 9:
install.sh: 10: cd: can't cd to /root
install.sh: 23: Syntax error: "elif" unexpected (expecting "then")

is the tool installed rightly on my system???

Hey everyone, I ran this garud tool for the first time and I wonder if anything is wrong here because I am not getting any vulnerabilities or subdomain takeover etc. These are the typos here -

https://vulnerable-website.com/
OUTPUT> home < kali < Desktop < https: < vulnerable-website.com < _2023_40_21-21_40_23
Unknown option -silent

     STARTING SUBDOMAIN SCANNING ON https://vulnerable-website.com/ (it may take time)
     STARTING WEBCRAWLING ON https://vulnerable-website.com/ (it may take time)

https://github.com/internetwache/GitTools
https://www.exploit-db.com/ghdb/6630
https://github.com/cve-search/git-vuln-finder
etc
etc
STARTING NUCLEI VULNERABILITY SCANNING ON https://vulnerable-website.com/ (it may take time)
STARTING INJECTION VULNERABILITY SCANNING ON https://vulnerable-website.com/ (it may take time)
STARTING DIRECTORY FUZZING ON https://vulnerable-website.com/ (it may take time)

SCANNING COMPLETED SUCCESSFULY ON https;// vulnerable-website.com/
