{"id":18982618,"url":"https://github.com/t3l3machus/eviltree","last_synced_at":"2025-05-16T08:06:44.793Z","repository":{"id":60732949,"uuid":"542713467","full_name":"t3l3machus/eviltree","owner":"t3l3machus","description":"A python3 remake of the classic \"tree\" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.","archived":false,"fork":false,"pushed_at":"2025-01-19T15:24:07.000Z","size":10128,"stargazers_count":389,"open_issues_count":0,"forks_count":44,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-04-08T20:19:53.514Z","etag":null,"topics":["infosec","infosectools","linux","open-source","pentesting","privilege-escalation","redteam-tools","windows"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/t3l3machus.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"custom":["https://www.buymeacoffee.com/t3l3machus","https://ko-fi.com/t3l3machus","https://github.com/sponsors/t3l3machus"]}},"created_at":"2022-09-28T17:32:04.000Z","updated_at":"2025-03-27T00:24:13.000Z","dependencies_parsed_at":"2024-11-16T03:03:25.130Z","dependency_job_id":"b7f61e5f-ae0b-4c6d-a3e4-d158d4131b54","html_url":"https://github.com/t3l3machus/eviltree","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/t3l3machus%2Feviltree","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/t3l3machus%2Feviltree/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/t3l3machus%2Feviltree/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/t3l3machus%2Feviltree/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/t3l3machus","download_url":"https://codeload.github.com/t3l3machus/eviltree/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254493385,"owners_count":22080127,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["infosec","infosectools","linux","open-source","pentesting","privilege-escalation","redteam-tools","windows"],"created_at":"2024-11-08T16:14:12.904Z","updated_at":"2025-05-16T08:06:39.785Z","avatar_url":"https://github.com/t3l3machus.png","language":"Python","funding_links":["https://www.buymeacoffee.com/t3l3machus","https://ko-fi.com/t3l3machus","https://github.com/sponsors/t3l3machus"],"categories":[],"sub_categories":[],"readme":"# EvilTree\n[![Python 3.x](https://img.shields.io/badge/python-3.x-yellow.svg)](https://www.python.org/) \n[![License](https://img.shields.io/badge/license-BSD-red.svg)](https://github.com/t3l3machus/eviltree/blob/main/LICENSE)\n\u003cimg src=\"https://img.shields.io/badge/Maintained%3F-Yes-96c40f\"\u003e\n![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge\u0026logo=linux\u0026logoColor=black)\n![Windows](https://img.shields.io/badge/Windows-0078D6?style=for-the-badge\u0026logo=windows\u0026logoColor=white)\n\nA standalone python3 remake of the classic \"tree\" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches. Created for two main reasons:\n - While searching for secrets in files of nested directory structures, being able to visualize which files contain user provided keywords/regex patterns and where those files are located in the hierarchy of folders, provides a significant advantage. \n - \"tree\" is an amazing tool for analyzing directory structures. It's really handy to have a standalone alternative of the command for post-exploitation enumeration as it is not pre-installed on every linux distro and is kind of limited on Windows (compared to the UNIX version). \n\n\n\u003c!--\n\u003ca href=\"https://twitter.com/intent/tweet?text=A%20standalone%20python3%20remake%20of%20the%20classic%20%22tree%22%20command%20with%20the%20additional%20feature%20of%20searching%20for%20user%20provided%20keywords%2Fregex%20in%20files%2C%20highlighting%20those%20that%20contain%20matches.\u0026url=https://github.com/t3l3machus/eviltree\u0026via=t3l3machus\u0026hashtags=cybersecurity,pentesting,redteaming,hacking,github\" target=\"_blank\"\u003e\n  \u003cimg alt=\"Tweet\" height=\"22px\" src=\"https://img.shields.io/twitter/url/http/shields.io.svg?style=social\"\u003e\n\u003c/a\u003e\n--\u003e\n\n## Usage Examples\n\n**Example #1**: Running a regex that essentially matches strings similar to: `password = something` against `/var/www`\n\n![image](https://user-images.githubusercontent.com/75489922/193536337-188b1f0d-46ad-4680-b068-a4f1772734da.png)\n   \n    \n**Example #2**: Using comma separated keywords instead of regex:\n\n![image](https://user-images.githubusercontent.com/75489922/193478656-a184ab55-0b3b-4f54-ada4-e658406503c1.png)  \n**Disclaimer**: Only tested on Windows 10 Pro.\n\n## Quick commands\n```\npython3 eviltree.py -r C:\\xampp -k password,passwd,admin -i -v -q \npython3 eviltree.py -r /var/www -x \".{0,3}passw.{0,3}[=]{1}.{0,18}\" -i -v -q -L 3\npython3 eviltree.py -r / -x \".{0,3}passw.{0,3}[=]{1}.{0,18}\" -i -v -q -A -f -L 3\n```\n\n## Further Options \u0026 Usage Tips\nNotable features:\n- Regex `-x` search actually returns a unique list of all matched patterns in a file. Be careful when combining it with `-v` (--verbose), try to be specific and limit the length of chars to match.\n - You can search keywords/regex in binary files as well by providing option `-b`.\n - You can use this tool as the classic \"tree\" command if you do not provide keywords `-k` and regex `-x` values. This is useful in case you have gained a limited shell on a machine and want to have \"tree\" with colored output to look around.\n - There's a list variable `filetype_blacklist` in `eviltree.py` which can be used to exclude certain file extensions from content search. By default, it excludes the following: `gz, zip, tar, rar, 7z, bz2, xz, deb, img, iso, vmdk, dll, ovf, ova`.\n - A quite useful feature is the `-i` (--interesting-only) option. It instructs eviltree to list only files with matching keywords/regex content, significantly reducing the output length:\n   \n ![image](https://user-images.githubusercontent.com/75489922/193540467-7fa13d73-0893-491f-9b1b-89b34cae8ad7.png)\n\n## Useful keywords/regex patterns\n - Regex to look for passwords: `-x \".{0,3}passw.{0,3}[=]{1}.{0,18}\"`\n - Keywords to look for sensitive info: `-k passw,db_,admin,account,user,token`\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ft3l3machus%2Feviltree","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ft3l3machus%2Feviltree","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ft3l3machus%2Feviltree/lists"}