ExtFindr A simple Python based tool designed to scan URLs for high-severity file extensions. This script leverages gau
to find URLs, then filters them to identify file types such as .sql
, .bak
, .db
, .config
and other potentially sensitive extensions.
This tool is intended for educational purposes and ethical security testing only. Unauthorized use of this tool against systems or websites without proper permission is illegal and may result in severe penalties. Always ensure you have explicit permission from the owner of the system or website before running any security scans.
The developers (https://github.com/nav1n0x/ | https://x.com/nav1n0x) of this tool are not responsible for any misuse or damage caused by its use.
- High-severity extensions: Detects important file types like
.sql
,.bak
,.db
,.config
,.pem
, etc. - Supports batch processing: Scan multiple URLs from a file in one go.
- Save results: Optionally export found results to a text file.
- Python 3.x
- gau
-
Clone the repository:
git clone https://github.com/nav1n0x/ExtFindr.git cd extfindr
-
Ensure that the required tools (
gau
) is installed.
To use ExtFindr, follow these steps:
-
Create a text file containing the list of URLs you want to scan. Each URL should be on a new line.
Example (
urls.txt
):https://example.com https://targetsite.com https://vulnerablewebsite.com
-
Run the script with the
-l
flag to specify your URL list and optionally use the-o
flag to save results to a file:python extfindr.py -l urls.txt -o results.txt
-l
: Specify the input file with URLs.-o
: (Optional) Output file to save the results.
python extfindr.py -l urls.txt -o found_results.txt
python extfindr.py -h
Usage: python extfindr.py -l <url_list_file> [-o <output_file>] [-t <num_threads>]
Options:
-l, --list File containing list of URLs to scan (required)
-o, --output Output file to save the results (optional)
-t, --threads Number of concurrent threads (optional, default: 5)
-h, --help Show this help message
This project is licensed under the MIT License. See the LICENSE file for details.
Happy scanning! ๐