From dd5b87489ddf0f0ea22e101ef350b2c626635152 Mon Sep 17 00:00:00 2001
From: Satyam Gothi <41023447+RogueSMG@users.noreply.github.com>
Date: Tue, 4 Jul 2023 15:55:55 +0530
Subject: [PATCH] Update garud
Changed the values of "-P" flags in xargs to execute accurately according to the number of CPU cores of the System's available cores rather than a Generic "guessed" value.
---
garud | 28 ++++++++++++++--------------
1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/garud b/garud
index 72c2938..a97be9c 100755
--- a/garud
+++ b/garud
@@ -156,7 +156,7 @@ SUBD_ACTV(){
SUBD_SCND(){
cat .tmp/*.list | grep -v "*" | sed '/@\|
\|\_\|*/d' | grep "$DM" | anew -q .tmp/domains
- xargs -a .tmp/domains -P 50 -I % bash -c "assetfinder --subs-only % | anew -q .tmp/seconddomains.list" 2> /dev/null; timeout 30m xargs -a .tmp/domains -P 10 -I % bash -c "amass enum -passive -d %" 2> /dev/null | anew -q .tmp/seconddomains.list
+ xargs -a .tmp/domains -P `nproc` -I % bash -c "assetfinder --subs-only % | anew -q .tmp/seconddomains.list" 2> /dev/null; timeout 30m xargs -a .tmp/domains -P `nproc` -I % bash -c "amass enum -passive -d %" 2> /dev/null | anew -q .tmp/seconddomains.list
}
SUBD_CHCK(){
@@ -170,7 +170,7 @@ SUBD_CHCK(){
#@> WEB PROBING AND SCREENSHOT
naabu -retries 3 -r ~/wordlists/resolvers.txt -l database/subdomains.txt -p "$PR" -silent -no-color 2> /dev/null | anew -q database/ports.txt
cat database/ports.txt | httprobe -prefer-https | anew -q database/lives.txt
- xargs -a database/lives.txt -P 50 -I % bash -c "echo % | aquatone -chrome-path $CHROME_BIN -out database/screenshots/ -threads 10 -silent" 2> /dev/null &> /dev/null
+ xargs -a database/lives.txt `nproc` -I % bash -c "echo % | aquatone -chrome-path $CHROME_BIN -out database/screenshots/ -threads 10 -silent" 2> /dev/null &> /dev/null
[ "$JO" == "False" ] || cat database/lives.txt | python3 -c "import sys; import json; print (json.dumps({'liveurls':list(sys.stdin)}))" | sed 's/\\n//g' | tee .json/liveurls.json &> /dev/null
[ "$JO" == "False" ] || cat database/subdomains.txt | python3 -c "import sys; import json; print (json.dumps({'subdomains':list(sys.stdin)}))" | sed 's/\\n//g' | tee .json/subdomains.json &> /dev/null
[ "$JO" == "False" ] || cat database/ports.txt | python3 -c "import sys; import json; print (json.dumps({'ports':list(sys.stdin)}))" | sed 's/\\n//g' | tee .json/ports.json &> /dev/null
@@ -192,8 +192,8 @@ WEBC_RAWL(){
echo -e "${BK} ${RT}" | tr -d '\n' | pv -qL 6; echo -e " STARTING WEBCRAWLING ON ${BK}$DM${RT} (${YW}it may take time${RT})"
agnee -d $DM -q -o database/dorks.txt -p 4
timeout 50m gospider -S database/lives.txt -d 10 -c 20 -t 50 -K 3 --no-redirect --js -a -w --blacklist ".(eot|jpg|jpeg|gif|css|tif|tiff|png|ttf|otf|woff|woff2|ico|svg|txt)" --include-subs -q -o .tmp/gospider 2> /dev/null | anew -q .tmp/gospider.list
- xargs -a database/lives.txt -P 50 -I % bash -c "echo % | waybackurls" 2> /dev/null | anew -q .tmp/waybackurls.list
- xargs -a database/lives.txt -P 50 -I % bash -c "echo % | gau --blacklist eot,jpg,jpeg,gif,css,tif,tiff,png,ttf,otf,woff,woff2,ico,svg,txt --retries 3 --threads 50" 2> /dev/null | anew -q .tmp/gau.list 2> /dev/null &> /dev/null
+ xargs -a database/lives.txt `nproc` -I % bash -c "echo % | waybackurls" 2> /dev/null | anew -q .tmp/waybackurls.list
+ xargs -a database/lives.txt `nproc` -I % bash -c "echo % | gau --blacklist eot,jpg,jpeg,gif,css,tif,tiff,png,ttf,otf,woff,woff2,ico,svg,txt --retries 3 --threads 50" 2> /dev/null | anew -q .tmp/gau.list 2> /dev/null &> /dev/null
cat .tmp/gospider.list .tmp/gau.list .tmp/waybackurls.list 2> /dev/null | sed '/\[/d' | grep $DM | sort -u | uro | anew -q database/urls.txt # <-- Filtering duplicate and common endpoints
[ "$JO" == "False" ] || cat database/urls.txt | python3 -c "import sys; import json; print (json.dumps({'endpoints':list(sys.stdin)}))" | sed 's/\\n//g' | tee .json/urls.json &> /dev/null
@@ -214,11 +214,11 @@ WEBC_RAWL(){
NUCL_SCAN(){
echo -e "${BK} ${RT}" | tr -d '\n' | pv -qL 6; echo -e " STARTING NUCLEI VULNERABILITY SCANNING ON ${BK}$DM${RT} (${YW}it may take time${RT})"
nuclei -update-templates 2> /dev/null &> /dev/null
- xargs -a database/lives.txt -P 50 -I % bash -c "nuclei -target % -t ~/nuclei-templates/ -nc -s info -c 10 -silent" 2> /dev/null | anew -q vulns/nuclei.txt
- xargs -a database/lives.txt -P 50 -I % bash -c "nuclei -target % -t ~/nuclei-templates/ -nc -s low -c 10 -silent" 2> /dev/null | anew vulns/nuclei.txt | notify -silent &> /dev/null
- xargs -a database/lives.txt -P 50 -I % bash -c "nuclei -target % -t ~/nuclei-templates/ -nc -s medium -c 10 -silent" 2> /dev/null | anew vulns/nuclei.txt | notify -silent &> /dev/null
- xargs -a database/lives.txt -P 50 -I % bash -c "nuclei -target % -t ~/nuclei-templates/ -nc -s high -c 10 -silent" 2> /dev/null | anew vulns/nuclei.txt | notify -silent &> /dev/null
- xargs -a database/lives.txt -P 50 -I % bash -c "nuclei -target % -t ~/nuclei-templates/ -nc -s critical -c 10 -silent" 2> /dev/null | anew vulns/nuclei.txt | notify -silent &> /dev/null
+ xargs -a database/lives.txt `nproc` -I % bash -c "nuclei -target % -t ~/nuclei-templates/ -nc -s info -c 10 -silent" 2> /dev/null | anew -q vulns/nuclei.txt
+ xargs -a database/lives.txt `nproc` -I % bash -c "nuclei -target % -t ~/nuclei-templates/ -nc -s low -c 10 -silent" 2> /dev/null | anew vulns/nuclei.txt | notify -silent &> /dev/null
+ xargs -a database/lives.txt `nproc` -I % bash -c "nuclei -target % -t ~/nuclei-templates/ -nc -s medium -c 10 -silent" 2> /dev/null | anew vulns/nuclei.txt | notify -silent &> /dev/null
+ xargs -a database/lives.txt `nproc` -I % bash -c "nuclei -target % -t ~/nuclei-templates/ -nc -s high -c 10 -silent" 2> /dev/null | anew vulns/nuclei.txt | notify -silent &> /dev/null
+ xargs -a database/lives.txt `nproc` -I % bash -c "nuclei -target % -t ~/nuclei-templates/ -nc -s critical -c 10 -silent" 2> /dev/null | anew vulns/nuclei.txt | notify -silent &> /dev/null
[ "$JO" == "False" ] || cat vulns/nuclei.txt | python3 -c "import sys; import json; print (json.dumps({'nuclei_info':list(sys.stdin)}))" | sed 's/\\n//g' | tee .json/nuclei.json &> /dev/null
[ "$SL" == "False" ] && cat vulns/nuclei.txt
}
@@ -234,19 +234,19 @@ VULN_SCAN(){
cat database/urls.txt | cut -d"?" -f1 | cut -d"=" -f1 | grep -iaE "([^.]+)\.zip$|([^.]+)\.zip\.[0-9]+$|([^.]+)\.zip[0-9]+$|([^.]+)\.zip[a-z][A-Z][0-9]+$|([^.]+)\.zip\.[a-z][A-Z][0-9]+$|([^.]+)\.rar$|([^.]+)\.tar$|([^.]+)\.tar\.gz$|([^.]+)\.tgz$|([^.]+)\.sql$|([^.]+)\.db$|([^.]+)\.sqlite$|([^.]+)\.pgsql\.txt$|([^.]+)\.mysql\.txt$|([^.]+)\.gz$|([^.]+)\.config$|([^.]+)\.log$|([^.]+)\.bak$|([^.]+)\.backup$|([^.]+)\.bkp$|([^.]+)\.crt$|([^.]+)\.dat$|([^.]+)\.eml$|([^.]+)\.java$|([^.]+)\.lst$|([^.]+)\.key$|([^.]+)\.passwd$|([^.]+)\.pl$|([^.]+)\.pwd$|([^.]+)\.mysql-connect$|([^.]+)\.jar$|([^.]+)\.cfg$|([^.]+)\.dir$|([^.]+)\.orig$|([^.]+)\.bz2$|([^.]+)\.old$|([^.]+)\.vbs$|([^.]+)\.img$|([^.]+)\.inf$|([^.]+)\.sh$|([^.]+)\.py$|([^.]+)\.vbproj$|([^.]+)\.mysql-pconnect$|([^.]+)\.war$|([^.]+)\.go$|([^.]+)\.psql$|([^.]+)\.sql\.gz$|([^.]+)\.vb$|([^.]+)\.webinfo$|([^.]+)\.jnlp$|([^.]+)\.cgi$|([^.]+)\.tmp$|([^.]+)\.ini$|([^.]+)\.webproj$|([^.]+)\.xsql$|([^.]+)\.raw$|([^.]+)\.inc$|([^.]+)\.lck$|([^.]+)\.nz$|([^.]+)\.rc$|([^.]+)\.html\.gz$|([^.]+)\.gz$|([^.]+)\.env$|([^.]+)\.yml$" | httpx -silent -follow-host-redirects | anew -q vulns/files.txt &> /dev/null
[ "$JO" == "False" ] || cat vulns/files.txt 2> /dev/null | python3 -c "import sys; import json; print (json.dumps({'sensitive':list(sys.stdin)}))" | sed 's/\\n//g' | tee .json/files.json &> /dev/null
- xargs -a .tmp/xss.txt -P 50 -I % bash -c "curl -s -L -H \"X-Bugbounty: Testing\" -H \"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36\" --insecure '%' | grep \"