### Course #200: getallurls$ for Effective URL Discovery

#### Section 1/5: Introduction & Link

Welcome to the first section of our advanced pentesting course on the Kali Linux tool, getallurls$. In this section, we will cover the installation and configuration of getallurls$ on Kali Linux, provide a thorough guide on its usage, and delve into real-world use cases. By the end of this section, you will be adept at using getallurls$ for effective URL discovery in web applications.

### 1. Installation and Configuration on Kali Linux

Before we dive into the practical aspects of using getallurls$, we first need to ensure that we have the tool installed and configured correctly on our Kali Linux system. Here’s a step-by-step guide to help you through the process.

##### Step 1: Updating Kali Linux

Open your terminal and execute the following command to update your system packages to the latest versions:

```bash
sudo apt update && sudo apt upgrade -y
```

##### Step 2: Installing getallurls$

Kali Linux comes pre-installed with many penetration testing tools. If getallurls$ is not available in your current installation, you can download it from the official GitHub repository. Use the following command to clone the repository:

```bash
git clone https://github.com/yourusername/getallurls.git
```

Navigate into the cloned directory:

```bash
cd getallurls
```

Next, install the required dependencies. Ensure you have Python installed, as getallurls$ is a Python-based tool. You can install the required modules using pip:

```bash
pip install -r requirements.txt
```

##### Step 3: Configuration

Before running the tool, configure it for your needs. Open the configuration file in the cloned directory; it is usually named `config.ini` or similar. Modify the host settings according to your target environment.

```ini
[DEFAULT]
target_url = http://targetsite.com
recursive = true
timeout = 10
```

### 2. Step-by-Step Usage and Real-World Use Cases

Now that we have installed and configured getallurls$, let’s explore how to utilize it for effective URL discovery.

##### Basic Command Structure

The general syntax for using getallurls$ is:

```bash
python getallurls.py -u <target_url>
```

Here’s a breakdown of the parameters:

- `-u` or `--url`: Specifies the target URL for enumeration.

##### Example Commands

1. **Basic URL Enumeration**

To enumerate URLs from a target site, execute:

```bash
python getallurls.py -u http://example.com
```

2. **Recursive Enumeration**

If you wish to perform a recursive search to discover more URLs within the site, use the recursive flag:

```bash
python getallurls.py -u http://example.com --recursive
```

3. **Output to File**

You can also save the results of your URL enumeration to a file for further analysis:

```bash
python getallurls.py -u http://example.com -o output.txt
```

##### Real-World Use Case: Finding Hidden URLs

One of the significant applications of getallurls$ is finding hidden URLs that are not easily accessible through the main navigation of a website. For instance, many web applications have files or pages that are linked less directly or even omitted from sitemaps.

**Case Example: E-commerce Site**

Suppose you are testing an e-commerce platform. By running getallurls$ against the main domain, you may discover URLs for:

- Admin panels (e.g., `http://example.com/admin`)
- User profiles that are not linked publicly
- API endpoints (e.g., `http://example.com/api/v1/products`)

To illustrate this, run the following command:

```bash
python getallurls.py -u http://ecommerce-site.com --recursive -o urls_found.txt
```

After executing the command, check the `urls_found.txt` file to see all discovered URLs that may pose security threats if left unprotected.

### 3. Detailed Technical Explanations and External Reference Links

#### How getallurls$ Works

getallurls$ utilizes a combination of web crawling and URL exposure techniques to discover links on a target site. It parses HTML content, looking for anchor tags (`<a>`) and other elements that may contain links to other resources.

- **Crawl Depth**: By default, getallurls$ follows a depth-first strategy when exploring URLs. This means it will first explore links from the starting page before moving deeper into the nested structure.

- **Rate Limiting**: To avoid overwhelming the target server, you can adjust the crawl rate and timeout settings in your configuration file.
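
The link-parsing step described above, as an added Python example; it is not code from getallurls$ or from this course. It shows extraction from anchor tags and other link-bearing elements, relative-URL resolution, host scoping and a depth limit. The names `LinkParser`, `extract_links`, `discover` and `SAMPLE_PAGES` are illustrative, the sample site is constructed, and the level-by-level walk order is this example's own choice.

```python
from collections import deque
from html.parser import HTMLParser
from urllib.parse import urldefrag, urljoin, urlsplit

# Link-bearing attribute per tag: anchor tags plus other elements that reference resources.
LINK_ATTRS = {"a": "href", "link": "href", "script": "src", "img": "src", "form": "action"}

class LinkParser(HTMLParser):
    def __init__(self, base_url):
        super().__init__()
        self.base_url, self.links = base_url, []

    def handle_starttag(self, tag, attrs):
        wanted = LINK_ATTRS.get(tag)
        for name, value in attrs:
            if name == wanted and value:
                # Resolve relative links against the page URL and drop "#fragment" parts.
                absolute, _fragment = urldefrag(urljoin(self.base_url, value.strip()))
                if urlsplit(absolute).scheme in ("http", "https"):  # skips mailto:, javascript:
                    self.links.append(absolute)

def extract_links(base_url, html):
    parser = LinkParser(base_url)
    parser.feed(html)
    return parser.links

def discover(start_url, pages, max_depth=2):
    """Walk `pages` (URL -> HTML) level by level, staying on the start URL's host."""
    host = urlsplit(start_url).netloc
    seen, queue = {start_url}, deque([(start_url, 0)])
    while queue:
        url, depth = queue.popleft()
        if depth < max_depth:  # pages at the depth limit are recorded but not parsed
            for link in extract_links(url, pages.get(url, "")):
                if urlsplit(link).netloc == host and link not in seen:
                    seen.add(link)
                    queue.append((link, depth + 1))
    return sorted(seen)

# Constructed sample site, held in memory so the example runs offline.
SAMPLE_PAGES = {
    "http://example.com/": '<a href="/shop">Shop</a><a href="#top">Top</a>'
        '<script src="/static/app.js"></script><a href="mailto:sales@example.com">Mail</a>'
        '<a href="https://cdn.example.net/lib.js">CDN</a>',
    "http://example.com/shop":
        '<a href="item?id=1">Item</a><form action="/api/v1/products"></form>',
}

if __name__ == "__main__":
    print("\n".join(discover("http://example.com/", SAMPLE_PAGES)))
```

The off-host CDN link, the `mailto:` link and the `#top` fragment are all dropped, which is why a site owner reviewing such output sees only same-host pages, scripts and form targets.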

#### External References for Further Reading

- [OWASP: Web Security Testing Guide](https://owasp.org/www-project-web-security-testing-guide/latest/)
- [Kali Linux Documentation](https://www.kali.org/docs/)
- [GitHub getallurls$ Repository](https://github.com/yourusername/getallurls)

### 4. Code Examples for WordPress

If you’re unsure about how to tailor getallurls$ for specific platforms like WordPress, below are some code snippets that can help in this regard.

#### WordPress Specific URL Enumeration

When testing a WordPress site, you may want to look for specific directories and files like:

- `/wp-admin`
- `/wp-content/plugins`
- `/wp-json/wp/v2/`

**Command Example for WordPress**

To target a WordPress site specifically for these directories, you would execute:

```bash
python getallurls.py -u http://wordpress-site.com/wp-admin --recursive -o wordpress_urls.txt
```

This command will help uncover various endpoints that a WordPress site exposes, which may be critical in identifying vulnerable plugins or themes.

With these foundational steps, you should be well-equipped to start using getallurls$ for effective URL discovery in your pentesting engagements. Continue to the next section, where we will explore advanced usage techniques and strategies for interpreting the results.

Made by pablo guides / pablo guides
