sigurlx a web application attack surface mapping tool.

Overview

sigurlx

release maintenance open issues closed issues license twitter

sigurlx a web application attack surface mapping tool, it does ...:

  • Categorize URLs

    URLs' categories
     > endpoint
     > js {js}
     > style {css}
     > data {json|xml|csv}
     > archive {zip|tar|tar.gz}
     > doc {pdf|xlsx|doc|docx|txt}
     > media {jpg|jpeg|png|ico|svg|gif|webp|mp3|mp4|woff|woff2|ttf|eot|tif|tiff}
    
  • Next, probe HTTP requests to the URLs for status_code, content_type, e.t.c

  • Next, for every URL of category endpoint with a query:

Resources

Usage

To display help message for sigurlx use the -h flag:

$ sigurlx -h

     _                  _      
 ___(_) __ _ _   _ _ __| |_  __
/ __| |/ _` | | | | '__| \ \/ /
\__ \ | (_| | |_| | |  | |>  < 
|___/_|\__, |\__,_|_|  |_/_/\_\ v2.1.0
       |___/

USAGE:
  sigurlx [OPTIONS]

GENERAL OPTIONS:
  -iL                       input urls list (use `-iL -` to read from stdin)
  -threads                  number concurrent threads (default: 20)
  -update-params            update params file

HTTP OPTIONS:
  -delay                    delay between requests (default: 100ms)
  -follow-redirects         follow redirects (default: false)
  -follow-host-redirects    follow internal redirects i.e, same host redirects (default: false)
  -http-proxy               HTTP Proxy URL
  -timeout                  HTTP request timeout (default: 10s)
  -UA                       HTTP user agent

OUTPUT OPTIONS:
  -nC                       no color mode
  -oJ                       JSON output file (default: ./sigurlx.json)
  -v                        verbose mode

Installation

From Binary

You can download the pre-built binary for your platform from this repository's releases page, extract, then move it to your $PATHand you're ready to go.

From Source

sigurlx requires go1.14+ to install successfully. Run the following command to get the repo

▶ go get -u github.com/drsigned/sigurlx/cmd/sigurlx

From Github

▶ git clone https://github.com/drsigned/sigurlx.git
▶ cd sigurlx/cmd/sigurlx/
▶ go build .
▶ mv sigurlx /usr/local/bin/
▶ sigurlx -h

Contribution

Issues and Pull Requests are welcome!

Releases(v2.1.0)
Owner
Alex Munene
Alex Munene
Go-watchdog - a web application observability tool built for Go

Go-watchdog is a web application observability tool built for Go, it exposes a status endpoint for application services like databases, caches, message-brokers, mails and storages.

salem ododa 3 Jun 14, 2022
This application is used as an example HTTP/SQLite application for Litestream tutorials.

This application is used as an example HTTP/SQLite application for Litestream tutorials. It simply maintains a count of HTTP requests and persists it to a SQLite database.

Ben Johnson 12 Apr 2, 2022
A simple database application that I was asked to implement as part of a job application process

This is a simple database application that I was asked to implement as part of a job application process. They told me I could choose any languages an

null 0 Nov 24, 2021
GoTTY - Share your terminal as a web application

GoTTY - Share your terminal as a web application GoTTY is a simple command line tool that turns your CLI tools into web applications. Installation Fro

Soren L. Hansen 1.6k Jul 2, 2022
Retro-Floppy UI is a web based application for managing & using a GoTek floppy emulator running the Flash Floppy firmware.

A web user interface for a GoTek running flashfloppy utilising a Raspberry PI 0W as the storage. This allows for remote uploading of files & selecting which disk image is loaded on a retro computer like the BBC Micro or Amiga A1200

Peter Mount 5 Aug 26, 2021
A simple web application written in Golang which listens on port 8080

GoWebApp It's a simple web application written in Golang which listens on port 8080 Building It can be build using the command go build -o metricsweba

Viral Kamdar 0 Oct 21, 2021
A web application example to work with a customer object

Wallester Task This repository contains a web application example to work with a customer object. Build in GO version 1.17.1 Live running app example

null 0 Oct 25, 2021
🖖🏻 A self-hosted Quora like web application written in Go

Guora ???? A self-hosted Quora like web application written in Go 基于 Golang 类似知乎的私有部署问答应用 包含问答、评论、点赞、管理后台等功能 Quick Start (Docker Deploy) $ docker-comp

meloalright 597 Jun 23, 2022
Using golang framework (Gin) to create a web-application

News feeder Using golang framework (Gin) to create a web-application. This simpl

AmirH.Najafizadeh 1 Dec 20, 2021
Go-service-gin - Simple Web api application developed in Golang and Gin

Simple Web api application developed in Golang and Gin Initial Tutorial URL http

Nurul Huda Robin 0 Jan 4, 2022
Go kickstart is a simple repository that I'm managing to a have a fast setup for Go web application

Go kickstart is a simple repository that I'm managing to a have a fast setup for Go web application with my most common use cases using practices that I found useful and easy to maintain.

Sanjeya C 0 Jan 30, 2022
Ecommerce-api - Rest api of e-commerce web application

E-commerce Rest API Swagger documentation to test api Domain diagram

Павел Шпаковский 9 May 1, 2022
GoVWA - A web application developed to help the pentester and programmers to learn the vulnerabilities

GoVWA - A web application developed to help the pentester and programmers to learn the vulnerabilities

David Nester 0 Feb 12, 2022
Jeen is a package wrapper that is used as a web application base for the go language.

Jeen Jeen is a package wrapper that is used as a web application base for the go language. Package Wrappers? Yes, because jeen works by using other av

Fuad Ar-Radhi 1 Feb 21, 2022
Extract structured data from web sites. Web sites scraping.

Dataflow kit Dataflow kit ("DFK") is a Web Scraping framework for Gophers. It extracts data from web pages, following the specified CSS Selectors. You

Dmitry Narizhnykh 532 Jun 27, 2022
記帳-PWA-web-app (Bookkeeping-PWA-web-app)

GoKeep (bookkeeping web app) 記帳-PWA-web-app (Bookkeeping-PWA-web-app) demo link : https://bookkepping.herokuapp.com/ 測試用帳密 : tester002 , tester002 (亦可

Yu-Zhuang Lin 5 Jan 31, 2022
log4jScanner: provides you with the ability to scan internal (only) subnets for vulnerable log4j web servicelog4jScanner: provides you with the ability to scan internal (only) subnets for vulnerable log4j web service

log4jScanner Goals This tool provides you with the ability to scan internal (only) subnets for vulnerable log4j web services. It will attempt to send

Profero 477 Jun 27, 2022
Web terminal - A (unsafe) technical demo to export a shell to web browser

Web Terminal A (unsafe) technical demo to export a shell to web browser. This pr

null 50 Jun 7, 2022
Go-web-scaffold - A simple scaffold for building web app quickly

Go-web-scaffold A simple scaffold for building web app quickly. features This sc

Statrue 3 Jan 21, 2022