Content Discovery

katana -u oneplus.com -depth 5 -silent | anew all.urls.txt
katana -u alive.domains.txt -depth 5 -silent | anew all.urls.txt

cat alive.domains.txt | gau | anew all.urls.txt

cat alive.domains.txt | waybackurls | anew all.urls.txt

gospider -s <https://oneplus.com> -c 10 -d 5 --other-source -q | anew all.urls.txt
gospider -S httpx.domains.txt -c 10 -d 5 --other-source -q | anew all.urls.txt

sed -e sed -e 's/\\[url\\] - \\[code-200\\] - //g' -i all.urls.txt

cat "<https://oneplus.com>" | hakrawler -d 5 -subs | anew all.urls.txt
cat httpx.domains.txt | hakrawler -d 5 -subs | anew all.urls.txt

cat all.urls.txt | uro | anew filtered.urls.txt

cat all.urls.txt | grep "\\.js$" | anew js.files.txt

katana -u oneplus.com -d 5 -jc -mr '\\.js$' -o all.js.txt

cat urls.txt | hakrawler -d 5 | grep '\\.js$' | anew all.js.txt

cat js.files.txt | ~/go/bin/httpx -silent | grep -E "api|token|Authorization" | anew secrets.txt

# Exposed Config Files
cat all.urls.txt | grep -E "\\.env$|\\.json$|\\.config$|\\.bak$|\\.git$"

# Exposed Files
cat all.urls.txt | grep -E "\\.txt$|\\.log$|\\.cache$|\\.secret$|\\.db$|\\.backup$|\\.yml$|\\.json$|\\.gz$|\\.rar$|\\.zip$|\\.config$"

cat all.js.txt | while read url; do python3 SecretFinder.py -i $url -o cli | anew secrets.txt; done