Skip to content
/ csearch Public

A simple script that brute force URLs in C language.

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Fastiraz/csearch

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

33 Commits
img
img
 
 
lists
lists
 
 
.DS_Store
.DS_Store
 
 
.gitattributes
.gitattributes
 
 
README.md
README.md
 
 
check.h
check.h
 
 
csearch.c
csearch.c
 
 
ddf.h
ddf.h
 
 
github.h
github.h
 
 
osint.h
osint.h
 
 
recursive.h
recursive.h
 
 
sechead.h
sechead.h
 
 
stuff.h
stuff.h
 
 
ui.h
ui.h
 
 

Repository files navigation

L👀K

This C script is a simple tool for brute-forcing URLs and subdomains. It was developed as a way to practice the C programming language and to create a simpler version of Gobuster.

Features

  • URL Fuzzer
  • DNS Fuzzer
  • Security Headers Check
  • Github email address recovery
  • Recursive mode for URL and DNS Fuzzer
  • Verbose mode
  • User Interface to launch attacks

Usage

Install the curl library for Linux and MacOS:

apt-get install libcurl4-openssl-dev  # 4 Linux
brew install curl                     # 4 OSX

To compile the script, use the gcc compiler:

gcc -o csearch csearch.c -lcurl

This will create an executable file called csearch that you can run with the ./csearch command.

Note that you may need to install the gcc compiler and the curl development package (usually called libcurl-dev or libcurl-devel) on your system in order to compile the script.

To use the script, follow the examples below.

To brute force an URL :
    ./csearch -u http://example.com/

To brute force subdomains :
    ./csearch dns -u example.com -w /usr/share/wordlists/dirb/common.txt

Fuzzing mode :
    ./csearch fuzz -u https://docs.fuzz.com/ -w /usr/share/wordlists/dirb/common.txt

To check security headers from an URL
	./csearch -sh http://example.com/

To use UI :
    ./csearch -ui -u google.com -w lists/test.txt

To find email address from Github username
	./csearch -ge username

To track someone on internet with a username
	./csearch -n username

The script will then try each word in the list as a URL extension and report whether the page exists or not.

DIR Mode

csearch

DNS Mode

csearch

FUZZ Mode

csearch

RECURSIVE Mode

csearch

VERBOSE Mode

csearch



Dependencies

The script requires the cURL library to be installed on your system.

HELP

 ➜ ./csearch -h



===============================================================
	CSearch v1.4
	by Fastiraz
===============================================================

FLAGS:
	-u : URL
	-w : Path to a custom wordlist
	-v : Verbose output (errors)
	-r : Enable recurcive mode
	-h : Display this content
	-ui: Enable the user interface

KEYWORDS:
	dir : Directory mode (default)
	dns : Subdomain mode
	fuzz : Uses fuzzing mode. Replaces the keyword FUZZ in the URL, Headers and the request body

EXAMPLES:
	Usage :	./csearch -u http://example.com/
	Usage :	./csearch dns -u http://example.com/ -w /usr/share/wordlist/dirb/big.txt -v
  Usage : ./csearch fuzz -u https://docs.fuzz.com/ -w /usr/share/wordlists/dirb/common.txt

About

A simple script that brute force URLs in C language.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages