ExtFindr

A simple Python-based tool designed to scan URLs for high-severity file extensions. This script leverages gau to find URLs, then filters them to identify file types such as .sql, .bak, .db, .config and other potentially sensitive extensions.
This tool is intended for educational purposes and ethical security testing only. Unauthorized use of this tool against systems or websites without proper permission is illegal and may result in severe penalties. Always ensure you have explicit permission from the owner of the system or website before running any security scans.
The developers (https://github.com/nav1n0x/ | https://x.com/nav1n0x) of this tool are not responsible for any misuse or damage caused by its use.
- High-severity extensions: Detects important file types like .sql, .bak, .db, .config, .pem, etc.
- Supports batch processing: Scan multiple URLs from a file in one go.
- Save results: Optionally export found results to a text file.
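
The extension filter described above, sketched as an added example (not ExtFindr's own code). The function names, the `SAMPLE` list and the choice to match only on the URL path are assumptions; the extension set contains only the types named on this page, and the sample URLs are constructed stand-ins for one-URL-per-line discovery output.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Extensions named on this page; the tool's full list is not shown here.
SENSITIVE_EXTENSIONS = {".sql", ".bak", ".db", ".config", ".pem"}


def sensitive_extension(url):
    """Return the sensitive extension found in the URL's file name, or None."""
    # Only the path counts: query strings and fragments are ignored.
    path = unquote(urlsplit(url.strip()).path)
    name = posixpath.basename(path.rstrip("/")).lower()
    # Test every suffix so "dump.sql.gz" still reports ".sql".
    for part in name.split(".")[1:]:
        if "." + part in SENSITIVE_EXTENSIONS:
            return "." + part
    return None


def filter_urls(lines):
    """Deduplicate URLs and keep (extension, url) pairs worth reviewing."""
    hits, seen = [], set()
    for line in lines:
        url = line.strip()
        if not url or url in seen:
            continue
        seen.add(url)
        ext = sensitive_extension(url)
        if ext:
            hits.append((ext, url))
    return hits


# Constructed sample input, one URL per line.
SAMPLE = [
    "https://example.com/backup/site.sql",
    "https://example.com/backup/site.sql",             # duplicate
    "https://example.com/old/Web.CONFIG?v=2",          # mixed case + query
    "https://example.com/download.php?file=dump.sql",  # extension only in query
    "https://example.com/db/",                         # directory, not a file
    "https://example.com/dump.sql.gz",                 # compressed dump
]

if __name__ == "__main__":
    for ext, url in filter_urls(SAMPLE):
        print(f"{ext}\t{url}")
```

Matching on the parsed path rather than the raw string keeps a parameter such as `?file=dump.sql` or a directory named `db` from being reported as an exposed file.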
- Python 3.x
- gau
- Clone the repository:

      git clone https://github.com/nav1n0x/ExtFindr.git
      cd ExtFindr

- Ensure that the required tool (gau) is installed.
To use ExtFindr, follow these steps:

- Create a text file containing the list of URLs you want to scan. Each URL should be on a new line.

  Example (urls.txt):

      https://example.com
      https://targetsite.com
      https://vulnerablewebsite.com

- Run the script with the -l flag to specify your URL list and optionally use the -o flag to save results to a file:

      python extfindr.py -l urls.txt -o results.txt

- -l: Specify the input file with URLs.
- -o: (Optional) Output file to save the results.

      python extfindr.py -l urls.txt -o found_results.txt

This project is licensed under the MIT License. See the LICENSE file for details.
Happy scanning! 🚀