Skip to content

1ndianl33t/Gf-Patterns

BranchesTags

Repository files navigation

Gf-Patterns V 1.9

GF By Twitter

A wrapper around grep, to help you grep for things

installation

Go Path Setup

If you've got Go installed and configured you can install waybackurls & Gf with:

go install github.com/tomnomnom/waybackurls@latest

Now download the gf tool for go lang 17 (that is go1.17) and may be above

go install github.com/tomnomnom/gf@latest

Or download the gf tool for go lang 16 (that is go1.16) and below

go get -u github.com/tomnomnom/gf

If you've installed using go install, you can enable auto-completion to your .bashrc like this:

 echo 'source $GOPATH/pkg/mod/github.com/tomnomnom/gf@v0.0.0-20200618134122-dcd4c361f9f5/gf-completion.bash' >> ~/.bashrc

If you've installed using go get, you can enable auto-completion to your .bashrc like this:

 echo 'source $GOPATH/src/github.com/tomnomnom/gf/gf-completion.bash' >> ~/.bashrc

Note that you'll have to restart your terminal, or run source ~/.bashrc for the changes to take effect.

To get started quickly, you can copy the example pattern files to ~/.gf like this:

 mkdir .gf

If you've installed using go install, you can copy the example pattern files to ~/.gf like this:

 cp -r $GOPATH/pkg/mod/github.com/tomnomnom/gf@v0.0.0-20200618134122-dcd4c361f9f5/examples ~/.gf

If you've installed using go get, you can copy the example pattern files to ~/.gf like this:

cp -r $GOPATH/src/github.com/tomnomnom/gf/examples ~/.gf

MY Gf Patterns installation

 git clone https://github.com/1ndianl33t/Gf-Patterns

To get started quickly, you can copy the example pattern files to ~/.gf like this:

 mkdir .gf
 mv ~/Gf-Patterns/*.json ~/.gf

Use example

 cat subdomains.txt | waybackurls | sort -u >> waybackdata | gf ssrf | tee -a ssfrparams.txt cat waybackdata | gf redirect | tee -a redirect.txt

Pattern Files

The pattern definitions are stored in ~/.gf as little JSON files that can be kept under version control:

gf ssrf

▶ cat ~/.gf/ssrf.json { "flags": "-iE", "patterns": [ "access", "admin", "dbg", "debug", "edit", "grant", "test", "alter", "clone", "create", "delete", "disable", "enable", "exec", "execute", "load", "make", "modify", "rename", "reset", "shell", "toggle", "adm", "root", "cfg", "dest", "redirect", "uri", "path", "continue", "url", "window", "next", "data", "reference", "site", "html", "val", "validate", "domain", "callback", "return", "page", "feed", "host", "port", "to", "out", "view", "dir", "show", "navigation", "open" ] }

gf redirect

▶ cat ~/.gf/redirect { "flags": "-iE", "patterns": [ "forward=", "dest=", "redirect=", "uri=", "path=", "continue=", "url=", "window=", "to=", "out=", "view=", "dir=", "show=", "navigation=", "Open=", "file=", "val=", "validate=", "domain=", "callback=", "return=", "page=", "feed=", "host=", "port=", "next=", "data=", "reference=", "site=", "html=" ] }

gf rce

▶ cat ~/.gf/rce.json { "flags": "-iE", "patterns": [ "daemon", "upload", "dir", "execute", "download", "log", "ip", "cli", "cmd" ] }

Gf idor

▶ cat ~/.gf/idor.json { "flags": "-iE", "patterns": [ "id", "user", "account", "number", "order", "no", "doc", "key", "email", "group", "profile", "edit", "report" ] }

Gf Sqli

▶ cat ~/.gf/sqli.json { "flags": "-iE", "patterns": [ "id", "select", "report", "role", "update", "query", "user", "name", "sort", "where", "search", "params", "process", "row", "view", "table", "from", "sel", "results", "sleep", "fetch", "order", "keyword", "column", "field", "delete", "string", "number", "filter" ] }

Gf LFI

▶ cat ~/.gf/lfi.json { "flags": "-iE", "patterns": [ "file", "document", "folder", "root", "path", "pg", "style", "pdf", "template", "php_path", "doc" ] }

Gf ssti

▶ cat ~/.gf/ssti.json { "flags": "-iE", "patterns": [ "template", "preview", "id", "view", "activity", "name", "content", "redirect" ] }

Gf debug_logic

▶ cat ~/.gf/debug_logic.json { "flags": "-iE", "patterns": [ "access", "admin", "dbg", "debug", "edit", "grant", "test", "alter", "clone", "create", "delete", "disable", "enable", "exec", "execute", "load", "make", "modify", "rename", "reset", "shell", "toggle", "adm", "root", "cfg", "config" ] }

Donations

You can encourage me to contribute more to the open source with donations.

8085778875

Credit

Twitter Bugcrowd HUNT Twitter

Contributers

@victoni added more redirect parameters

@s0meguy1 redirect & ssrf pattern Added additional filters

Contact

Twitter

About

GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep

Resources

Readme

License

MIT license
Activity

Stars

1.4k stars

Watchers

26 watching

Forks

305 forks
Report repository

Releases

No releases published

Sponsor this project

Packages

 
 
 

Contributors