Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/proditis/orunmila
a simple tool to refine and produce lists for your bugbounty and pen-test engagements
https://github.com/proditis/orunmila
bugbounty dirbuster ffuf pen-test-tools pen-testing penetration-testing pentest-tool pentesting
Last synced: about 1 month ago
JSON representation
a simple tool to refine and produce lists for your bugbounty and pen-test engagements
- Host: GitHub
- URL: https://github.com/proditis/orunmila
- Owner: proditis
- License: bsd-2-clause
- Created: 2022-12-04T01:39:26.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2023-06-05T09:12:07.000Z (over 1 year ago)
- Last Synced: 2024-06-20T03:56:07.865Z (5 months ago)
- Topics: bugbounty, dirbuster, ffuf, pen-test-tools, pen-testing, penetration-testing, pentest-tool, pentesting
- Language: Go
- Homepage:
- Size: 67.4 KB
- Stars: 5
- Watchers: 2
- Forks: 0
- Open Issues: 6
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Orunmila
A simple tool to refine and produce lists for your bugbounty and pen-test engagements.
The idea behind it is fairly simple, a small sqlite(??) database with each word associated tags. Each word in the dictionary can be associated with multiple tags.
This provides for a way to later request the words from a database based on specific tags and use the generated wordlist with you normal tools, be it ffuf, dirbuster etc.
## Installation
```sh
GO111MODULE=on go install github.com/proditis/orunmila@latest
```
## Building
NOTE: This is still a really early prototype so not much of a build system into the mix.
```sh
export CGO_ENABLED=1
go get github.com/mattn/go-sqlite3
go get github.com/sirupsen/logrus
go build orunmila.go
```
## Subcommands
* **`add`** words from the cli
```sh
orunmila add -tags a,b,c word1 word2 word3
```
* **`import`** words from a file
```sh
orunmila import -tags a,b,c filename
```
* **`search`** words
```
orunmila search -tags a,b,c filename
```
* **`vacuum`** database and apply any schema updates
```sh
orunmila vacuum a
```
* **`describe`** a database
```sh
orunmila describe My Description for this database
```
* **`info`** return information about a database
```sh
$ orunmila info all
[version]: 0.0.0
[dbname]: default
[description]: My Description for this database
```
## Examples
* Import words from `lista.txt` and tag as `lista`
```
orunmila import -tags lista lista.txt
```
* List words with tag as `lista`
```
orunmila search -tags lista
```
* Import words from `listb.txt` and tag as `listb`
```
orunmila import -tags listb listb.txt
```
* List words with tag as `listb`
```
orunmila search -tags listb
```
* Import words from `lista.txt` and `listb.txt` and tag as `listc`
```
orunmila import -tags listc lista.txt listb.txt
```
* List words with tag as `listc` (should return all words)
```
orunmila search -tags listc
```
### Drupal example
Take the following hypothetical scenario, we have a target system that is based on drupal. We have already populated our `orunmila.db` with appropriate words and tags before hand.
Using orunmila we extract the keywords that match our criteria
```sh
orunmila search -tags drupal,dir,nginx,php >drupal_words.txt
ffuf -w drupal_words.txt -u https://drupal-target/FUZZ
```
The tool supports using specific database files ie
```
orunmila search -db programXYZ.db -tags nginx,soap,swift,api,xml
```
You can use Orunmila to import wordlists into your database with given set of tags. Existing words will have their tags updated to include old and new ones
```
orunmila import -db programXYZ.db -tags raft,directories,manual raft-medium-directories.txt
```
Add a new drupal entry you discovered from the command line (without file)
```
orunmila add -tags drupal,directory word1 word2
```