Ethical Hacking News Hubb
Advertisement Banner
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
Wellnessnewshubb
No Result
View All Result
Home News

A Remake Of The Classic “Tree” Command With The Additional Feature Of Searching For User Provided Keywords/Regex In Files, Highlighting Those That Contain Matche

admin by admin
November 28, 2022
in News




A standalone python3 remake of the classic “tree” command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches. Created for two main reasons:

  • While searching for secrets in files of nested directory structures, being able to visualize which files contain user provided keywords/regex patterns and where those files are located in the hierarchy of folders, provides a significant advantage.
  • “tree” is an amazing tool for analyzing directory structures. It’s really handy to have a standalone alternative of the command for post-exploitation enumeration as it is not pre-installed on every linux distro and is kind of limited on Windows (compared to the UNIX version).

Usage Examples

Example #1: Running a regex that essentially matches strings similar to: password = something against /var/www

Example #2: Using comma separated keywords instead of regex:

Disclaimer: Only tested on Windows 10 Pro.

Further Options & Usage Tips

Notable features:

  • Regex -x search actually returns a unique list of all matched patterns in a file. Be careful when combining it with -v (–verbose), try to be specific and limit the length of chars to match.
  • You can search keywords/regex in binary files as well by providing option -b.
  • You can use this tool as the classic “tree” command if you do not provide keywords -k and regex -x values. This is useful in case you have gained a limited shell on a machine and want to have “tree” with colored output to look around.
  • There’s a list variable filetype_blacklist in eviltree.py which can be used to exclude certain file extensions from content search. By default, it excludes the following: gz, zip, tar, rar, 7z, bz2, xz, deb, img, iso, vmdk, dll, ovf, ova.
  • A quite useful feature is the -i (–interesting-only) option. It instructs eviltree to list only files with matching keywords/regex content, significantly reducing the output length:

Useful keywords/regex patterns

  • Regex to look for passwords: -x ".{0,3}passw.{0,3}[=]{1}.{0,18}"
  • Keywords to look for sensitive info: -k passw,db_,admin,account,user,token





Source link

Tags: cybersecurityethical hackinghack androidhack apphack wordpresshacker newshackinghacking tools for windowskeyloggerkitkitploitpassword brute forcepenetration testingpentestpentest androidpentest linuxpentest toolkitpentest toolsspy tool kitspywaretools
Previous Post

What is a heuristic virus? Everything you need to know

Next Post

New Flaw in Acer Laptops Could Let Attackers Disable Secure Boot Protection

Next Post

New Flaw in Acer Laptops Could Let Attackers Disable Secure Boot Protection

Recommended

Which is the better VPN?

3 months ago

How to watch the People’s Choice Awards 2022 online

2 months ago

© 2022 Ethical Hacking News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Ethical Hackers
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact

© 2022 Ethical Hacking News Hubb All rights reserved.