In this very short post I wanna talk mention The Silver Searcher, which I just learned about a few weeks ago.

In the past I have written quite a bit about the importance of credential hunting for your organization and some cool built-in operating system indexing features that can be used as well.

Of course grep and findstr are also in every red teamers toolbox.

As part of a coding project I recently learned about “The Silver Searcher”, which is very fast and has some neat features built it. It’s focus is source code searching.

Installation

On Ubuntu just run the following command:

sudo apt-get install silversearcher-ag

or if you are on macOS you can grab it via brew:

brew install the_silver_searcher

Its also available for Windows - check out the Silver Searcher Github repo for details.

Usage and useful features

You can search for specific file types only.

ag --html shadowbunny

Here are some useful options:

-A  Print lines after match (Default: 2)
-B  Print lines after match (Default: 2)
-u --unrestricted 
-z --search-zip
-v --invert-match
--ignore PATTERN  
-p --path-to-ignore STRING
-C --context [LINES]  

Credential hunting!

Credential hunting is important and its good to know about more useful tools that can help in this space. Check it out.

References

• The Silver Searcher Github Repo