projectdiscovery / alterx Goto Github PK

The Alter example doesn't work. Have you stopped supporting the project?

echo "www1.google.com" | alterx -silent -es 400 gives no output. while removing that flag alterx works as usual

Where are the Alterx releases?

Proposed Changes

• Add default patterns & payloads based on know patterns
• Add payloads based on chaos stats ?
• Embed permutation.yaml

Context projectdiscovery/utils#256

Current Behavior:

Hello,

I am currently running alterx on a Debian VPS, and I have encountered an issue where the VPS quickly runs out of disk space. It seems that temporary files created during the dedupe process are not being deleted. I believe this issue is related to the problem described in ticket #3693 on the projectdiscovery/nuclei GitHub repository.

Expected Behavior:

• The temporary files should be cleaned up after the permutation command has finished.
• For debugging purposes, I suggest renaming the directory indicated here to alterx-report-*.

Steps To Reproduce:

To reproduce the issue, please follow these steps:

1. Run alterx using the command: cat subdomains.txt | alterx -silent -enrich -limit 2000000
2. Execute the command: du -sh /tmp/nuclei-report-* (Please note that some folders may be related to real nuclei reports)

Please let me know if you need more infos.

Regards,
swdb

Implementation

• Alterx Core Implementation

Subs.txt contains 15k lines
Results in 100+GB file with the enrich flag
So a max file output size and a max runtime switch would be great. Other than that the tool is awesome!!

Branch

• dev

Proposed Changes

• Add Output/Result Limit (early exit. stop and exit if max output limit is reached) . (0 is Unlimited)

-limit int      limit the number of results to return (default 0)

• Add Stdin support

When using the -pp parameter, the word variable must be overwritten, otherwise the return will be empty.

When the following command is executed, the return is empty
echo target.com |./alterx -p '{{word}}-{{fuzz}}.{{suffix}}' -pp fuzz=data

Only when the -pp parameter is used to overwrite the word variable, it will be generated normally

Based on the first command above, I just need to overwrite the fuzz variable, and the word variable uses the keywords in the default configuration file permutations.yaml. But the rewriting of the word variable must be specified at the same time in use, which may not be necessary

Description

When using the alterx as a library to generate subdomain wordlists, it appears to be generating zero permutations. I'm using the example code provided in alterx's repository i.e., https://github.com/projectdiscovery/alterx/blob/main/examples/main.go

Screenshot:

P.S.: I can't run with verbose mode as Options struct doesn't have the Verbose field.

就是像这样 识别子域中是否存在特定关键字 进行同类型的替换

xxx.apiv1.xxx.projectdiscovery.io
》
xxx.apiv2.projectdiscovery.io
xxx.apiv3.projectdiscovery.io
xxx.apiv4.projectdiscovery.io

xxx.forum.projectdiscovery.io
》
xxx.blogs.projectdiscovery.io
xxx.oa.projectdiscovery.io
xxx.mail.projectdiscovery.io

xxx.html5.projectdiscovery.io
》
xxx.ios.projectdiscovery.io
xxx.android.projectdiscovery.io
xxx.web.projectdiscovery.io

Branch

dev

Proposed Changes

• Current Implementation uses flag replace it with goflags
• Expected Flags/Format

$ ./alterx -h 
Fast and customizable subdomain wordlist generator using DSL
 
Usage:
  alterx [flags]

Flags:
INPUT:
   -l, -list string       file containing list of subdomains to use as base (INPUT: stdin,single,multiple,file)
   -w, -word              words to use with alterx permutation (optional) (INPUT: single, multiple, file)
   -p, -pattern           words to use with alterx permutation (optional) (INPUT: single, multiple, file)

OUTPUT:
   -o, -output         output file to write altered subdomain list (INPUT: file)

CONFIG:
   -config         alterx cli config file (default "$HOME/.config/alterx/config.yaml")
   -ac             alterx permutation config file (default "$HOME/.config/alterx/permutation.yaml")
   -dr, -dry-run   dry run and only return generated permutation counter

UPDATE:
   -up, -update                 update alterx to latest version
   -duc, -disable-update-check  disable automatic alterx update check

• Note: type of supported inputs are mentioned in INPUT

Branch

• dev

Proposed Changes

• CodeQL
• Goreleaser Config & Release Binary
• Docker File & Docker Push Workflow
• Lint Test
• Build Test
  • use go run instead of go build
  • add race condition checks go run -race .
• Add example at examples/main.go and run it as part of Build Workflow (Refer TestMutatorResults)

Description:

• The comparison was done by Six2dez, a user who compared four different permutation tools, including AlterX. The results were shared on Twitter and can be found here.

• AlterX generated a total of 29,055,038 results, but only 1,665 were resolved, resulting in a resolution percentage of approximately 0.0057%.

Proposed Changes:

• Pattern Generation: The number of generated patterns is quite high. While this could be seen as a positive aspect, it might also lead to unnecessary processing and storage usage. We need to focus on generating fewer, but more relevant patterns.

• Resolution Percentage: The resolution percentage is currently quite low. We need to improve this by ensuring that a higher percentage of the generated patterns are resolved.

Expected Outcome:

By addressing these issues, we expect to improve the efficiency and effectiveness of AlterX. This should result in a tool that generates fewer patterns but resolves a higher percentage of them, providing more value to the users and being practical to use in the workflow.

Additional Information:

Please take a look at the original tweet and the comparison for more details. If you have any questions or if you need any more information, feel free to ask.

I've been using alterx to process the results of passive subdomain enumeration from tools like subfinder, amass, and findomain. The combined list contains approximately 7 million subdomains.

Command: alterx -l passive_subdomains.txt -en -silent

It's taking an excessively long time to complete - more than a day or two.

I'm curious if there are any optimizations or configurations that can be made to reduce the execution time and wondering if alterx supports concurrent processing to speed up the processing of large datasets like this.

Any help or guidance on this would be greatly appreciated. Thanks in advance.

Hi @projectdiscovery team,

An Awesome & Nice tool to work with : )

And It will be great and more helpful if implement support for loading wordlists file on permutations.yaml for payloads just like loading files on other yaml configs

Example permutations.yaml :

patterns:
  - "{{word}}-{{sub}}.{{suffix}}"
  - "{{sub}}-{{word}}.{{suffix}}"

payloads:
   word: /path/to/wordlists.txt

Thanks & Regards,
@zy9ard3

Proposed Changed

• alterx now has full support for generating subdomains/urls by using patterns with clusterbomb . It should also support Alteration
• Alteration would be a seperate feature similar to qsreplace

// Example
$ cat urls.txt. | alterx -a "{{qvalue}}=xss.txt". // replace all query values in urls with xss payloads
$ cat urls.txt. | alterx -a "{{qvalue}}=sqli.txt" // replace all query values in urls with sqli payloads

• Support replacing only 1 payload at once

$ cat urls.txt. | alterx -r "{{qvalue}}=xss.txt"  --alter-once // should not replace all parameters

Anything else

• Config file ? Format ? cc: @ehsandeep

Since your recent build there has been an intermittent issue with the core of this tool causing hangs in a call to it from an external program this was tested in diff environments and seems to have started occurring two days ago I wish you guys the best but I pulled it out. I can't even be specific it just hangs that's all we are seeing.