gau

getallurls (gau)

License

getallurls (gau) fetches known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, Common Crawl, and URLScan for any given domain. Inspired by Tomnomnom's waybackurls.

Resources

Usage:

Examples:

$ printf example.com | gau
$ cat domains.txt | gau --threads 5
$ gau example.com google.com
$ gau --o example-urls.txt example.com
$ gau --blacklist png,jpg,gif example.com

To display the help for the tool use the -h flag:

$ gau -h
FlagDescriptionExample
--blacklistlist of extensions to skipgau --blacklist ttf,woff,svg,png
--configUse alternate configuration file (default $HOME/config.toml or %USERPROFILE%\.gau.toml)gau --config $HOME/.config/gau.toml
--fclist of status codes to filtergau --fc 404,302
--fromfetch urls from date (format: YYYYMM)gau --from 202101
--ftlist of mime-types to filtergau --ft text/plain
--fpremove different parameters of the same endpointgau --fp
--jsonoutput as jsongau --json
--mclist of status codes to matchgau --mc 200,500
--mtlist of mime-types to matchgau --mt text/html,application/json
--ofilename to write results togau --o out.txt
--providerslist of providers to use (wayback,commoncrawl,otx,urlscan)gau --providers wayback
--proxyhttp proxy to use (socks5:// or http://gau --proxy http://proxy.example.com:8080
--retriesretries for HTTP clientgau --retries 10
--timeouttimeout (in seconds) for HTTP clientgau --timeout 60
--subsinclude subdomains of target domaingau example.com --subs
--threadsnumber of workers to spawngau example.com --threads
--tofetch urls to date (format: YYYYMM)gau example.com --to 202101
--verboseshow verbose outputgau --verbose example.com
--versionshow gau versiongau --version

Configuration Files

gau automatically looks for a configuration file at $HOME/.gau.toml or%USERPROFILE%\.gau.toml. You can point to a different configuration file using the --config flag. If the configuration file is not found, gau will still run with a default configuration, but will output a message to stderr.

You can specify options and they will be used for every subsequent run of gau. Any options provided via command line flags will override options set in the configuration file.

An example configuration file can be found here

Installation:

From source:

$ go install github.com/lc/gau/v2/cmd/gau@latest

From github :

git clone https://github.com/lc/gau.git; \
cd gau/cmd; \
go build; \
sudo mv gau /usr/local/bin/; \
gau --version;

From binary:

You can download the pre-built binaries from the releases page and then move them into your $PATH.

$ tar xvf gau_2.0.6_linux_amd64.tar.gz
$ mv gau /usr/bin/gau

From Docker:

You can run gau via docker like so:

docker run --rm sxcurity/gau:latest --help

You can also build a docker image with the following command

docker build -t gau .

and then run it

docker run gau example.com

Bear in mind that piping command (echo "example.com" | gau) will not work with the docker container

ohmyzsh note:

ohmyzsh's git plugin has an alias which maps gau to the git add --update command. This is problematic, causing a binary conflict between this tool "gau" and the zsh plugin alias "gau" (git add --update). There is currently a few workarounds which can be found in this Github issue.

Useful?

Buy Me A Coffee

Donate to CommonCrawl
Donate to the InternetArchive