In this very short post I wanna talk mention The Silver Searcher, which I just learned about a few weeks ago.
In the past I have written quite a bit about the importance of credential hunting for your organization and some cool built-in operating system indexing features that can be used as well.
findstr are also in every red teamers toolbox.
As part of a coding project I recently learned about “The Silver Searcher”, which is very fast and has some neat features built it. It’s focus is source code searching.
On Ubuntu just run the following command:
sudo apt-get install silversearcher-ag
or if you are on macOS you can grab it via
brew install the_silver_searcher
Its also available for Windows - check out the Silver Searcher Github repo for details.
Usage and useful features
You can search for specific file types only.
ag --html shadowbunny
Here are some useful options:
-A Print lines after match (Default: 2) -B Print lines after match (Default: 2) -u --unrestricted -z --search-zip -v --invert-match --ignore PATTERN -p --path-to-ignore STRING -C --context [LINES]
Credential hunting is important and its good to know about more useful tools that can help in this space. Check it out.