Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Sachin-v3rma/Astra
Astra is a tool to find URLs and secrets inside a webpage/files
https://github.com/Sachin-v3rma/Astra
bugbounty hacking infosec pentesting security
Last synced: 22 days ago
JSON representation
Astra is a tool to find URLs and secrets inside a webpage/files
- Host: GitHub
- URL: https://github.com/Sachin-v3rma/Astra
- Owner: Sachin-v3rma
- Created: 2021-05-22T07:57:15.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2023-03-14T15:07:39.000Z (over 1 year ago)
- Last Synced: 2024-08-05T17:45:06.992Z (4 months ago)
- Topics: bugbounty, hacking, infosec, pentesting, security
- Language: Python
- Homepage:
- Size: 223 KB
- Stars: 208
- Watchers: 2
- Forks: 28
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - Sachin-v3rma/Astra - Astra is a tool to find URLs and secrets inside a webpage/files (Python)
- project-awesome - Sachin-v3rma/Astra - Astra is a tool to find URLs and secrets inside a webpage/files (Python)
README
Astra finds urls, endpoints, aws buckets, api keys, tokens, etc from a given url/s. It combines the paths and endpoints with the given domain and
gives full URL. We can use it on js, html, etc files.
Astra uses asynchronous method to fetch URLs using python's aiohttp and asyncio.
Its a combination of linkfinder and secretfinder. Uses Regex's from linkfinder, secretfinder and nuclei templates.
Although None of them worked exactly because python's regex r way different.
So basically everyone of them is modified by me.# Installation
git clone https://github.com/Sachin-v3rma/Astra && cd Astra
pip3 install -r requirements.txt# Usage
Takes Input from stdin, so easy to use in automation.
Flags :
-ns --> No Secretfinder. Only find urls and endpoints. Also increases the speed.
-t --> Threads. Only increase if you have strong internet connection.Example :
cat live_subdomains.txt | python3 Astra.py
echo https://www.example.com | python3 Astra.py -ns |tee astra_urls.txt
cat js_urls.txt | python3 Astra.py -t 20 | anew urls_secrets.txtOutput :
If u wanna remove the counter comment out the line 174-177 or you can use head command to remove them.
Use grep "\[IP\]" to grep IPs.
Use grep "\[$\]" to grep secrets.
Use grep "\[C\]" to grep aws buckets.
Use grep "^http" to grep URLs.Also decrease the threads if your internet connection is weak (like i use mobile data :( ).
# Creator
Made by Sachin Verma with <3
Twitter : sachin_vmNO BANNER BECAUSE WHY ??