gf : A wrapper around grep, to help you grep for things. To find multiple vulnerable patterns for bug bounty / security testing.
Steps to install gf tool on Kali Linux are as follows :
Get root access
▶ Run : sudo su
Check go lang version
▶ Check : go version
Now download the gf tool for go lang 17 (that is go1.17) and may be above
▶ Run : go install github.com/tomnomnom/gf@latest
Or download the gf tool for go lang 16 (that is go1.16) and below
▶ Run : go get -u github.com/tomnomnom/gf
Move downloaded gf tool in bin folder for easy access
▶ Run : cp ~/go/bin/gf /usr/bin/
You can check
▶ Run : gf -h
Now create .gf folder in home direcotry
▶ Run : mkdir ~/.gf
Then download the different patterns to use with gf tool
▶ Run : git clone https://github.com/Sherlock297/gf_patterns.git
▶ Run : cd gf_patterns/
Now copy all patterns to .gf folder, which we had created above
▶ Run : cp *.json ~/.gf
That’s it. Installation is complete, you can check
▶ Run : gf -list
Example / Usage
▶ Run : waybackurls http://testphp.vulnweb.com/ | gf xss
If you don’t want to follow along with above steps then simply use below one liner command :
Users with go1.17 and may be above
▶ Run : go install github.com/tomnomnom/gf@latest && cp ~/go/bin/gf /usr/bin/ && gf -h && mkdir ~/.gf && git clone https://github.com/Sherlock297/gf_patterns.git && cd gf_patterns/ && cp *.json ~/.gf && gf -list
Users with go1.16 and below (Not Tested)
▶ Run : go get -u github.com/tomnomnom/gf && cp ~/go/bin/gf /usr/bin/ && gf -h && mkdir ~/.gf && git clone https://github.com/Sherlock297/gf_patterns.git && cd gf_patterns/ && cp *.json ~/.gf && gf -list
0 Comments