├── README.md
└── gau-expose.sh

/README.md:
--------------------------------------------------------------------------------
# Gau-Expose
![Analyze your gau result with Gau Expose](https://user-images.githubusercontent.com/78614799/160250487-d6efb315-5c51-4094-a2b3-ae45e523c19f.png)

## 👉 Very effective when you have a big gau result

## What does the Gau Expose tool do?
👉 It makes analyzing gau results a bit easier. It also gathers other useful things from your gau results, such as:
* subdomains
* possibly sensitive files such as bak, zip, xlsx, etc.
* panel stuff
* robots.txt
* emails/usernames
* errors
* third-party assets (jira, grafana, etc.)
* APIs such as graphql
* a wordlist for directory brute-force

🎯 Detailed explanation of this tool and its results:
- https://tamimhasan404.medium.com/analyze-your-gau-result-with-gau-expose-tool-124edf7682b7

++ Before starting, install the gauplus and uro tools

* Gauplus:

``go install github.com/bp0lr/gauplus@latest``

++ If this method isn't working, install gauplus manually

``git clone https://github.com/bp0lr/gauplus.git``

``cd gauplus``

``go build``

``mv gauplus /usr/local/bin/``

* Uro

`pip3 install uro`

++ Run gauplus on your target live domains

`cat live-domains.txt | gauplus -t 30 > gau-urls.txt`

++ Now just run the Gau Expose tool

`bash gau-expose.sh`

✔ Then enter the path to your gau-urls.txt when prompted. That's it.

* Inspired by (https://twitter.com/_Sm9l)

![contributions welcome](https://img.shields.io/badge/contributions-welcome-brighteen.svg?style=flat)

- [ ] 🎦 **Video**
https://www.youtube.com/watch?v=c1ZAWAadOE8

--------------------------------------------------------------------------------
/gau-expose.sh:
--------------------------------------------------------------------------------
#!/bin/bash

# Print the banner
echo -e '\033[1;38;5;221m'"

+-+-+-+ +-+-+-+-+-+-+
|G|a|u| |E|x|p|o|s|e|
+-+-+-+ +-+-+-+-+-+-+
Author:Tamim Hasan(tamimhasan404)"
echo

# -p: do not fail when the result directory already exists
mkdir -p gau-expose-result

echo -n "[] Give your gau file name/path: "

read -r path

echo

echo "[] Gathering sensitive files"

echo

# Work on a copy inside the result directory; after the cd only the file
# name is used, so a relative input path still resolves.
cp "$path" gau-expose-result || exit 1
cd gau-expose-result || exit 1
path=$(basename "$path")

# Dots are escaped so that ".env" means a literal dot, not "any character"
cat "$path" | grep "\.xls\|\.xlsx\|\.sql\|\.csv\|\.env\|\.msql\|\.bak\|\.bkp\|\.bkf\|\.old\|\.temp\|\.db\|\.mdb\|\.config\|\.yaml\|\.zip\|\.tar\|\.git\|\.xz\|\.asmx\|\.vcf\|\.pem" | uro | sort | uniq > gau-sensitive-file.txt

echo "[] Gathering all panel stuff"

# Login, signup and admin panel URLs
cat "$path" | grep -i "login\|signup\|admin\|dashboard\|wp-admin\|signin\|adminer\|dana-na\|login/?next/=" | sort | uniq | uro > gau-panel.txt
echo
echo "[] Gathering third-party assets"

cat "$path" | grep -i "jira\|jenkins\|grafana\|mailman\|+CSCOE+\|+CSCOT+\|+CSCOCA+\|symfony\|graphql\|debug\|gitlab\|phpmyadmin\|phpMyAdmin" | sort | uniq | uro > gau-third-party-assets.txt

echo
echo "[] Gathering emails-usernames"
cat "$path" | grep "@" | sort | uniq | uro > gau-emails-usersnames.txt

echo
echo "[] Gathering errors (may expose sensitive data)"
cat "$path" | grep "error." | sort | uniq | uro > gau-error-base.txt

echo
echo "[] Gathering other sensitive paths"
# No spaces inside the alternatives: URLs do not contain literal spaces
cat "$path" | grep -i "root\|internal\|private\|secret" | sort | uniq | uro > other-possible-sensitive-path.txt

echo
echo "[] Gathering only robots.txt"
cat "$path" | grep -i "robots\.txt" | sort | uniq | uro > only-robots.txt

echo
echo "[] Gathering subdomains"
# Field 3 of scheme://host/path is the host; the second cut drops any port
cat "$path" | cut -d'/' -f3 | cut -d':' -f1 | uro | sed 's/^\(\|s\):\/\///g' > subdomains.txt

echo
echo "[] Gathering paths for directory brute-force"

# Keep the last path segment and drop static assets and parameterised entries
cat "$path" | rev | cut -d '/' -f 1 | rev | uro | sed 's/^\(\|s\):\/\///g' | sed '/=\|\.js\|\.gif\|\.html\|\.rss\|\.cfm\|\.htm\|\.jpg\|\.mp4\|\.css\|\.jpeg\|\.png\|:\|%/d' > wordlist.txt

echo

echo -e "\e[1mDone, Hope it's helpful for you\e[0m"
--------------------------------------------------------------------------------
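
The sensitive-file filter in gau-expose.sh looks for each extension anywhere in the URL, so hostnames, directory names and query strings can also match when you review your own archived URLs. As an added example (not part of the Gau-Expose repository), the function below applies the same extension list to the URL path only; the function names, the compressed-suffix rule, the `/.git/` segment rule and the sample URLs are assumptions made for illustration.

```shell
#!/bin/bash
# Added example, not part of gau-expose.sh: match sensitive extensions on the
# URL path only, instead of anywhere in the line.

# Extension list copied from the sensitive-file filter in gau-expose.sh.
SENSITIVE_EXT='xls|xlsx|sql|csv|env|msql|bak|bkp|bkf|old|temp|db|mdb|config|yaml|zip|tar|git|xz|asmx|vcf|pem'

# sensitive_urls (hypothetical name): read URLs on stdin, print the ones whose
# path ends in a listed extension or contains a /.git/ segment.
sensitive_urls() {
    awk -v ext="$SENSITIVE_EXT" '
    {
        path = $0
        sub(/[?#].*$/, "", path)                           # drop query string and fragment
        sub("^[a-zA-Z][a-zA-Z0-9+.-]*://[^/]*", "", path)  # drop scheme and host
        path = tolower(path)                               # treat .CSV and .csv alike
        # Assumption: an optional .gz/.bz2/.xz suffix is accepted, so logs.tar.gz still counts.
        if (path ~ ("\\.(" ext ")(\\.(gz|bz2|xz))?$") || path ~ "/\\.git(/|$)")
            print $0
    }' | LC_ALL=C sort -u
}

# Constructed sample input (example.com URLs, not real gau output).
sample_urls() {
    cat <<'EOF'
https://example.com/backup/site.bak
https://example.com/db/dump.sql?download=1
https://example.com/.git/config
https://example.com/archive/logs.tar.gz
https://example.com/environment/settings
https://example.com/feedback
https://docs.example.com/view?file=report.xlsx
https://example.github.io/index.html
https://example.com/Export/USERS.CSV
EOF
}

# Stand-alone run: prints the five sample URLs that point at a sensitive file.
sample_urls | sensitive_urls
```

Run against the same sample, the original unanchored pattern would also report `/environment/settings`, `/feedback`, the `github.io` host and the `?file=report.xlsx` query, and would miss the upper-case `.CSV`.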