|
|
@ -7,7 +7,7 @@ |
|
|
|
|
|
|
|
|
|
|
|
# Prompts the user to select a wordlist from the wordlists folder |
|
|
|
# Prompts the user to select a wordlist from the wordlists folder |
|
|
|
wordlistSelect() { |
|
|
|
wordlistSelect() { |
|
|
|
fd -a --type f --hidden --follow --color=always --exclude .git --exclude \*.md --exclude \*.gif --exclude \*.jpg --exclude \*.png --exclude \*.lua --exclude \*.jar --exclude \*.pl '' /usr/share/wordlists/ | fzf --preview 'bat --color=always {}' |
|
|
|
fd -a --type f --hidden --follow --color=always --exclude .git --exclude \*.md --exclude \*.gif --exclude \*.jpg --exclude \*.png --exclude \*.lua --exclude \*.jar --exclude \*.pl --exclude \*.torrent --exclude \*.7z '' /usr/share/wordlists/ | fzf --preview 'bat --color=always {}' |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
regexSelect(){ |
|
|
|
regexSelect(){ |
|
|
@ -19,14 +19,184 @@ regexSelect(){ |
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
echo -ne "URLs\t" |
|
|
|
echo -ne "URLs\t" |
|
|
|
echo -n 'https?://[^\"\\'"'"'> ]+' |
|
|
|
echo -n $'https?://[^"\'> ]+' |
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
echo -ne "AWS Keys\t" |
|
|
|
echo -ne "AWS Keys\t" |
|
|
|
echo -n '([^A-Z0-9]|^)(AKIA|A3T|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{12,}' |
|
|
|
echo -n '([^A-Z0-9]|^)(AKIA|A3T|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{12,}' |
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
) | column -t -s $'\t' | fzf --preview-window top:1 --preview 'echo {3}' --delimiter ' +' --header-lines 1 --with-nth 1,2 | awk -F ' +' '{print "\"" $2 "\""}' |
|
|
|
echo -ne "md5\t" |
|
|
|
|
|
|
|
echo -n '[0-9a-f]\{32\}' |
|
|
|
|
|
|
|
echo -e "\t" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Bcrypt\t" |
|
|
|
|
|
|
|
echo -n '\$2[ayb]\$.{56}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Cloudinary\t" |
|
|
|
|
|
|
|
echo -n 'cloudinary://.*' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Firebase URL\t" |
|
|
|
|
|
|
|
echo -n '.*firebaseio\.com' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Slack Token\t" |
|
|
|
|
|
|
|
echo -n '(xox[p|b|o|a]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "RSA private key\t" |
|
|
|
|
|
|
|
echo -n '-----BEGIN RSA PRIVATE KEY-----' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "SSH (DSA) private key\t" |
|
|
|
|
|
|
|
echo -n '-----BEGIN DSA PRIVATE KEY-----' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "SSH (EC) private key\t" |
|
|
|
|
|
|
|
echo -n '-----BEGIN EC PRIVATE KEY-----' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "PGP private key block\t" |
|
|
|
|
|
|
|
echo -n '-----BEGIN PGP PRIVATE KEY BLOCK-----' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Amazon AWS Access Key ID\t" |
|
|
|
|
|
|
|
echo -n 'AKIA[0-9A-Z]{16}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Amazon MWS Auth Token\t" |
|
|
|
|
|
|
|
echo -n 'amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "AWS API Key\t" |
|
|
|
|
|
|
|
echo -n 'AKIA[0-9A-Z]{16}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Facebook Access Token\t" |
|
|
|
|
|
|
|
echo -n 'EAACEdEose0cBA[0-9A-Za-z]+' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Facebook OAuth\t" |
|
|
|
|
|
|
|
echo -n $'[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*[\'|"][0-9a-f]{32}[\'|"]' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "GitHub\t" |
|
|
|
|
|
|
|
echo -n $'[g|G][i|I][t|T][h|H][u|U][b|B].*[\'|"][0-9a-zA-Z]{35,40}[\'|"]' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Generic API Key\t" |
|
|
|
|
|
|
|
echo -n $'[a|A][p|P][i|I][_]?[k|K][e|E][y|Y].*[\'|"][0-9a-zA-Z]{32,45}[\'|"]' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Generic Secret\t" |
|
|
|
|
|
|
|
echo -n $'[s|S][e|E][c|C][r|R][e|E][t|T].*[\'|"][0-9a-zA-Z]{32,45}[\'|"]' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Google API Key\t" |
|
|
|
|
|
|
|
echo -n 'AIza[0-9A-Za-z\\-_]{35}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Google Cloud Platform API Key\t" |
|
|
|
|
|
|
|
echo -n 'AIza[0-9A-Za-z\\-_]{35}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Google Cloud Platform OAuth\t" |
|
|
|
|
|
|
|
echo -n '[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Google Drive API Key\t" |
|
|
|
|
|
|
|
echo -n 'AIza[0-9A-Za-z\\-_]{35}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Google Drive OAuth\t" |
|
|
|
|
|
|
|
echo -n '[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Google (GCP) Service-account\t" |
|
|
|
|
|
|
|
echo -n '"type": "service_account"' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Google Gmail API Key\t" |
|
|
|
|
|
|
|
echo -n 'AIza[0-9A-Za-z\\-_]{35}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Google Gmail OAuth\t" |
|
|
|
|
|
|
|
echo -n '[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Google OAuth Access Token\t" |
|
|
|
|
|
|
|
echo -n 'ya29\\.[0-9A-Za-z\\-_]+' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Google YouTube API Key\t" |
|
|
|
|
|
|
|
echo -n 'AIza[0-9A-Za-z\\-_]{35}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Google YouTube OAuth\t" |
|
|
|
|
|
|
|
echo -n '[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Heroku API Key\t" |
|
|
|
|
|
|
|
echo -n '[h|H][e|E][r|R][o|O][k|K][u|U].*[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "MailChimp API Key\t" |
|
|
|
|
|
|
|
echo -n '[0-9a-f]{32}-us[0-9]{1,2}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Mailgun API Key\t" |
|
|
|
|
|
|
|
echo -n 'key-[0-9a-zA-Z]{32}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Password in URL\t" |
|
|
|
|
|
|
|
echo -n '[a-zA-Z]{3,10}://[^/\\s:@]{3,20}:[^/\\s:@]{3,20}@.{1,100}[\' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "PayPal Braintree Access Token\t" |
|
|
|
|
|
|
|
echo -n 'access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Picatic API Key\t" |
|
|
|
|
|
|
|
echo -n 'sk_live_[0-9a-z]{32}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Slack Webhook\t" |
|
|
|
|
|
|
|
echo -n 'https://hooks.slack.com/services/T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{8}/[a-zA-Z0-9_]{24}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Stripe API Key\t" |
|
|
|
|
|
|
|
echo -n 'sk_live_[0-9a-zA-Z]{24}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Stripe Restricted API Key\t" |
|
|
|
|
|
|
|
echo -n 'rk_live_[0-9a-zA-Z]{24}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Square Access Token\t" |
|
|
|
|
|
|
|
echo -n 'sq0atp-[0-9A-Za-z\\-_]{22}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Square OAuth Secret\t" |
|
|
|
|
|
|
|
echo -n 'sq0csp-[0-9A-Za-z\\-_]{43}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Twilio API Key\t" |
|
|
|
|
|
|
|
echo -n 'SK[0-9a-fA-F]{32}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Twitter Access Token\t" |
|
|
|
|
|
|
|
echo -n '[t|T][w|W][i|I][t|T][t|T][e|E][r|R].*[1-9][0-9]+-[0-9a-zA-Z]{40}' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -ne "Twitter OAuth\t" |
|
|
|
|
|
|
|
echo -n $'[t|T][w|W][i|I][t|T][t|T][e|E][r|R].*[\'|"][0-9a-zA-Z]{35,44}[\'|"]' |
|
|
|
|
|
|
|
echo -e "\tRequires extended regex -E in grep" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
) | column -t -s $'\t' | fzf --preview-window top:1 --preview 'echo {3}' --delimiter ' +' --header-lines 1 --with-nth 1,2 | awk -F ' +' '{gsub("\"","\\\"",$2); print "\"" $2 "\""}' |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
word_replace(){ |
|
|
|
word_replace(){ |
|
|
|