{"id":25406216,"url":"https://github.com/AabyssZG/FindEverything","last_synced_at":"2025-10-31T02:30:23.705Z","repository":{"id":252745518,"uuid":"841323943","full_name":"AabyssZG/FindEverything","owner":"AabyssZG","description":"内网渗透过程中搜寻指定文件内容，从而找到突破口的一个小工具","archived":false,"fork":false,"pushed_at":"2024-12-21T03:59:17.000Z","size":377,"stargazers_count":304,"open_issues_count":0,"forks_count":28,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-12T10:10:37.835Z","etag":null,"topics":["cybersecurity","cybersecurity-tools","everything","everything-search","find-files","intranet","intranet-penetration"],"latest_commit_sha":null,"homepage":"https://blog.zgsec.cn/archives/608.html","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AabyssZG.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-08-12T07:15:33.000Z","updated_at":"2025-02-12T02:01:54.000Z","dependencies_parsed_at":"2025-01-15T06:04:04.755Z","dependency_job_id":"02c6dec9-fe47-4294-a9c0-d2383b83c6fd","html_url":"https://github.com/AabyssZG/FindEverything","commit_stats":null,"previous_names":["aabysszg/findeverything"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AabyssZG%2FFindEverything","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AabyssZG%2FFindEverything/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AabyssZG%2FFindEverything/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AabyssZG%2FFindEverything/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AabyssZG","download_url":"https://codeload.github.com/AabyssZG/FindEverything/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239088391,"owners_count":19579435,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","cybersecurity-tools","everything","everything-search","find-files","intranet","intranet-penetration"],"created_at":"2025-02-16T05:08:44.595Z","updated_at":"2025-10-31T02:30:23.697Z","avatar_url":"https://github.com/AabyssZG.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"![FindEverything](https://socialify.git.ci/AabyssZG/FindEverything/image?description=1\u0026descriptionEditable=%E5%86%85%E7%BD%91%E6%B8%97%E9%80%8F%E8%BF%87%E7%A8%8B%E4%B8%AD%E6%90%9C%E5%AF%BB%E6%8C%87%E5%AE%9A%E6%96%87%E4%BB%B6%E5%86%85%E5%AE%B9%EF%BC%8C%E4%BB%8E%E8%80%8C%E6%89%BE%E5%88%B0%E7%AA%81%E7%A0%B4%E5%8F%A3%E7%9A%84%E4%B8%80%E6%AC%BE%E5%B0%8F%E5%B7%A5%E5%85%B7\u0026font=Rokkitt\u0026forks=1\u0026issues=1\u0026language=1\u0026logo=https%3A%2F%2Favatars.githubusercontent.com%2Fu%2F54609266%3Fv%3D4\u0026name=1\u0026owner=1\u0026pattern=Charlie%20Brown\u0026stargazers=1\u0026theme=Dark)\n\n## ✈️ 工具概述\n\n当对内网束手无策的时候，入口机器上面说不定藏着突破口，翻找本地的文件和建立的网络连接就是手法\n\n这里也提供一个文件内容敏感词的字典，需要可以自己去整理，如下:\n\n```\njdbc:\nuser=\npassword=\nkey=\nssh-\nldap:\nmysqli_connect\nsk-\n```\n\n通过快速遍历机器文件，去寻找这些关键词，可以找到突破口，这个代码我之前也分享给好几个朋友，在实战阶段效果不错，具体可以看公众号文章：[内网渗透信息搜集骚姿势](https://mp.weixin.qq.com/s/GkK4AgXsqng6OLAGs45MUg)\n\n## 🚨 项目优势\n\n**有其他敏感文件搜索工具，这个项目的优势在哪？**\n\n- Linux基本都自带 `Python2/Python3` 环境，可以直接用来跑脚本\n- 本项目没有使用到额外的pip库，运行 `.py` 脚本不需要执行额外的动作\n- 其他项目基本需要编译成可执行文件使用（比如采用 `go` 语言编写的项目），如果编译后的文件不兼容或者无法执行就寄了\n- 原理简单，输出文件方便清晰更加直观，有时最简单的就是最稳定的\n- 可自定义性强，可以自由指定文件后缀名、搜寻内容以及搜寻目录\n\n## 🐉 工具使用\n\n![FindEverything](./pic/FindEverything.png)\n\nPython的默认安装路径是 `/usr/bin/python` 或 `/usr/local/bin/python`\n\n通过以下命令可以尝试常见Python变量并查看版本 `-V`\n\n```\npython -V\npython2 -V\npython3 -V\npy -V\npy2 -V\npy3 -V\n```\n\nPython3环境\n\n```\npython3 FindEverything.py -n .txt,.ini,.yaml,.php,.jsp,.java,.xml,.sql -c \"password=\" -d D:/\npython3 FindEverything.py -n .txt,.ini,.yaml,.php,.jsp,.java,.xml,.sql -c jdbc:mysql\npython3 FindEverything.py -n .txt,.ini,.yaml,.php,.jsp,.java,.xml,.sql -c jdbc:mysql -o output.txt\n```\n\nPython3环境但没有tqdm包\n\n```\npython3 FindEverything-notqdm.py -n .txt,.ini,.yaml,.php,.jsp,.java,.xml,.sql -c \"password=\" -d D:/\npython3 FindEverything-notqdm.py -n .txt,.ini,.yaml,.php,.jsp,.java,.xml,.sql -c jdbc:mysql\npython3 FindEverything-notqdm.py -n .txt,.ini,.yaml,.php,.jsp,.java,.xml,.sql -c jdbc:mysql -o output.txt\n```\n\nPython2环境\n\n```\npython2 FindEverything-py2.py -n .txt,.ini,.yaml,.php,.jsp,.java,.xml,.sql -c \"password=\" -d D:/\npython2 FindEverything-py2.py -n .txt,.ini,.yaml,.php,.jsp,.java,.xml,.sql -c jdbc:mysql\npython2 FindEverything-py2.py -n .txt,.ini,.yaml,.php,.jsp,.java,.xml,.sql -c jdbc:mysql -o output.txt\n```\n\n没有Python环境则使用sh\n\n```\n./FindEverything.sh -n .txt,.ini,.yaml,.php,.jsp,.java,.xml,.sql -c \"password=\" -d D:/\n./FindEverything.sh -n .txt,.ini,.yaml,.php,.jsp,.java,.xml,.sql -c jdbc:mysql\n./FindEverything.sh -n .txt,.ini,.yaml,.php,.jsp,.java,.xml,.sql -c jdbc:mysql -o output.txt\n```\n\n其他小技巧\n\n```\nfind / -type f \\( -iname \"*.conf\" -o -iname \"*.yml\" -o -iname \"*.yaml\" -o -iname \"*.ini\" \\)\n```\n\n## 🙏 感谢各位师傅\n\n[![Star History Chart](https://api.star-history.com/svg?repos=AabyssZG/FindEverything\u0026type=Date)](https://star-history.com/#AabyssZG/FindEverything\u0026Date)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FAabyssZG%2FFindEverything","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FAabyssZG%2FFindEverything","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FAabyssZG%2FFindEverything/lists"}