/cold.sh

Your best friend for finding URLs of a target

Primary Language: Shell

 ▄▄·       ▄▄▌  ·▄▄▄▄  
▐█ ▌▪▪     ██•  ██▪ ██ 
██ ▄▄ ▄█▀▄ ██▪  ▐█· ▐█▌: Crawl >> Links || Discover >> Endpoints >> Params || Scan >> JavaScript >> Secrets || Analyze >> Everything
▐███▌▐█▌.▐▌▐█▌▐▌██. ██ 
·▀▀▀  ▀█▄▀▪.▀▀▀ ▀▀▀▀▀•

About:

Col(lect) D(ata): A fancy Bash wrapper around gau, github-endpoints, gospider, hakrawler, JSA, katana, subJS, waymore & xnLinkFinder to find as many Links, Endpoints & Params as possible on a single $URL.

Installation:

  • Bash:
sudo wget https://raw.githubusercontent.com/Azathothas/BugGPT-Tools/main/cold/cold.sh -O /usr/local/bin/cold && sudo chmod +xwr /usr/local/bin/cold && cold --help

Initialization:

cold -init
# Essentially a dry run that attempts to auto-install dependencies and initializes on the first & second run:
# cold -u https://example5.com -o /tmp/example5.com -gh ghp_xyz ; cold -u https://example5.com -o /tmp/example.com -gh ghp_xyz

Usage:

cold --help

 ▄▄·       ▄▄▌  ·▄▄▄▄  
▐█ ▌▪▪     ██•  ██▪ ██ 
██ ▄▄ ▄█▀▄ ██▪  ▐█· ▐█▌
▐███▌▐█▌.▐▌▐█▌▐▌██. ██ 
·▀▀▀  ▀█▄▀▪.▀▀▀ ▀▀▀▀▀• 

➼ Usage: cold -u <url> -o /path/to/outputdir -gh <github_token> <other options>

Extended Help
-u,       --url              Specify the URL to scrape (Required)
-o,       --output_dir       Specify the directory to save the output files (Required)
-gh,      --github_token     Specify manually: ghp_xxx (Not Required if $HOME/.config/.github_tokens exists)
-d,       --deep             Specify if Gospider, Hakrawler, Katana & XnLinkfinder should run with depth 5.(Slow)
-h,       --headers          Specify additional headers or cookies to use in the HTTP request (optional)
-init,    --init             Initialize ➼ cold by dry-running it against example.com (Only run on a fresh Install)
-up,      --update           Update cold
-ctmp,    --clean-tmp        Cleans /tmp/ files after run
-curls,   --clean-urls       Removes noisy junk urls (godeclutter | urless)
-params,  --discover-params  Runs Arjun for parameter discovery (Basic & Slow)
-secrets, --scan-secrets     Runs gf-secrets + TruffleHog (Massive Output, Resource-Intensive & Slow)

Example Usage: 
Basic: 
cold --url https://example.com --output_dir /path/to/outputdir --github_token ghp_xyz

Extensive: 
cold --url https://example.com --output_dir /path/to/outputdir --github_token ghp_xyz --headers "Authorization: Bearer token; Cookie: cookie_value" --deep --discover-params --scan-secrets

Tips: 
➼ Include UrlScan API keys in $HOME/Tools/waymore/config.yml to find more links
➼ Include multiple github_tokens in $HOME/.config/.github_tokens to avoid rate limits
➼ --scan-secrets produces massive files (Several GBs). So TuffleHog is run by default. Best run with --deep
➼ Don't Worry if your Terminal Hangs for a bit.. It's a feature not a bug