Home Free Hacking Tools gau (GetAllUrls) Review – A Tool For Discovering URL’s

gau (GetAllUrls) Review – A Tool For Discovering URL’s

by Yash Anand

Getallurls (gau) fetches known URLs from AlienVault’s, the Wayback Machine, and Common Crawl for any given domain. Inspired by Tomnomnom’s waybackurls.

gau Installation

Installing from Binary is the easiest way to install, download the pre-built binaries from the releases page. Download the only binary which is compatible with your system. Extract them using tar and move the binary to your $PATH.

tar xvf gau_1.1.0_linux_amd64.tar.gz
mv gau /usr/bin/gau

The next methods, require the latest go version install in your system. You can check the install version by using the command “go version“ if go is not installed you can follow this link to install the go.

Installing from Source

GO111MODULE=on go get -u -v github.com/lc/ga

How gau Works

gau is used for finding the URLs of a domain which can further be used to discover vulnerabilities.

 echo "https://hackerone.com" | gau

Using gau efficiently.

gau -random-agent -b css,png,jpeg,jpg,svg,gif,ttf,woff,woff2,eot,otf,ico,js -subs example.com | sort -u >> results.txt

  • -random-agent: use a random agent.
  • -b: extension to skip
  • -subs:  include subdomains of a target domain.

What Bunny rating does it get?

The tools have some great and unique feature which is not provided by the similar tools, we will be awarding this tool a rating of 4.5 out of 5 bunnies.

Want to learn more about ethical hacking?

We have a  networking hacking course that is of a similar level to OSCP, get an exclusive discount here

Help support LHN by buying a T-shirt or a mug?

Check out our selection here

Do you know of another GitHub related hacking tool?

Get in touch with us via the contact form if you would like us to look at any other GitHub ethical hacking tools.

You may also like