Need help with Garud?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

R0X4R
361 Stars 97 Forks MIT License 198 Commits 2 Opened issues

Description

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

Services available

!
?

Need anything else?

Contributors list


Garud

An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters.


I made this tool to automate my recon and save my time. It really give me headache always type such command and then wait to complete one command and I type other command. So I collected some of the tools which is widely used in the bugbounty field. In this script I used Assetfinder, subfinder, amass, httpx, sublister, gauplus and gf patterns and then it uses dirsearch, dalfox, nuclei and kxss to find some low-hanging fruits.

The script first enumerates all the subdomains of the give target domain using assetfinder, sublister, subfinder and amass then filters all live domains from the whole subdomain list then it extarct titles of the subdomains using httpx then it scans for subdomain takeover using nuclei. Then it uses gauplus to extract paramters of the given subdomains then it use gf patterns to filters xss, ssti, ssrf, sqli params from that given subdomains and then it scans for low hanging fruits as well. Then it'll save all the output in a text file like target-xss.txt. Then it will send the notifications about the scan using notify.

What's new in v2.5: Get results on the terminal screen. You can resume where you left just delete the last completed file and run the script again in the same output folder.


garud mindmap
How garud works

Installation

Requirements: Go Language and Python 3.
System requirements: Recommended to run on vps with 1VCPU and 2GB ram.

Tools used - You must need to install these tools to use this script

subfinder
sublist3r
gf patterns
dnsx
assetfinder
httpx
kxss
qsreplace
nuclei
dalfox
anew
notify
aquatone
urldedupe
amass
gauplus
crlfuzz
ffuf
subjs
JSA
goBuster
waybackurls

#Make sure you're root before installing the tool

garud:~ sudo su garud:~ apt install git garud:~ git clone https://github.com/R0X4R/Garud.git && cd Garud/ && chmod +x garud install.sh && mv garud /usr/bin/ && ./install.sh

Usage

[GARUD] - Coded by R0X4R in INDIA with <3

Example Usage: garud [-d target.tld] [-o output destination] [-t threads] [-b blind xss URL] [-x OOS domains]

Flags: -b, --blind Add your xss server for BXSS [Default: false] (e.g. -b test.xss.ht) -d, --domain Add your target (e.g -d target.tld) -o, --output Write to output folder (e.g -o results/) -s, --silent Hide output in the terminal [Default: false] -t, --threads Number of threads [Default: 100] (e.g. -t 300) -v, --version Print current version of Garud -x, --exclude Exclude out of scope domains [Default: false] (e.g. -x ~/oosdomains.txt)

Fix errors while using or installing Garud

garud:~ chmod +x install.sh && ./install.sh
Error: ./install.sh : /bin/bash^M : bad interpretor: No such file or directory

fix

garud:~ sed -i -e 's/\r$//' install.sh

You can also copy the error and search on google this will make your debugging skills better ;)

Example Usage

garud:~ garud -d hackerone.com -o hackerone

Add threads to your scan

bash
garud:~ garud -d hackerone.com -o hackerone -t 200
Scan for blind xss, you can get your xss server from xsshunter.com
bash
garud:~ garud -d hackerone.com -o hackerone -b test.xss.ht
Exclude out of scope domains
bash
garud:~ echo test.hackerone.com > ossdomain.txt
garud:~ garud -d hackerone.com -o hackerone -x ~/ossdomain.txt
With all flags
bash
garud:~ garud -d hackerone.com -o hackerone -t 300 -b test.xss.ht -x ~/ossdomain.txt

Hide output in the terminal

garud:~ garud -d hackerone.com -o hackerone -t 300 -b test.xss.ht -x ~/ossdomain.txt -s

Start where you left

bash
garud:~ garud -d hackerone.com. -o hackerone -t 300
Starting scan...
^C # assume you stopped at nuclei scan
garud:~ cd hackerone && rm -rf nuclei
garud:~ cd
garud:~ garud -d hackerone.com. -o hackerone -t 300

Notifications

Slack Notification Bot
Discord Notification Bot
Telegram Notification Bot
Configure Notify

Donate

Thanks to the authors of the tools used in this script.

@aboul3la
@tomnomnom
@lc
@hahwul
@projectdiscovery
@maurosoria
@shelld3v
@devanshbatham
@michenriksen
@defparam
@projectdiscovery
@bp0lr
@ameenmaali
@dwisiswant0
@OWASP
@1ndianl33t
@sqlmapproject
@w9w
@OJ

Warning: This code was originally created for personal use, it generates a substantial amount of traffic, please use with caution.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.