• We just launched and are currently in beta. Join us as we build and grow the community.

Cariddi – Hidden Endpoint Finder for Bug Hunting

samsmo

Script Creator
S
S Rep
0
0
0
Rep
0
S Vouches
0
0
0
Vouches
0
Posts
125
Likes
65
Bits
0
2 MONTHS
2 2 MONTHS OF SERVICE
LEVEL 1 300 XP
Black-Pink-Purple-Team-Planning-Brainstorm-3D-Whiteboard-Presentation.webp


Hey Folks, we are back today after such a long break, but don’t worry we have come up with an exciting tool that can help you to get big bounties from different companies. Well, looks like we should start as soon as possible.

Let’s take a look into installation 🙂 !!

Installation

It’s quite simple to install or configure this tool in any linux OS machine. Hmmm 🙁 !! Now you only need to do is just have to follow the steps mentioned below and that’s it.

git clone https://github.com/edoardottt/cariddi.git
cd cariddi
apt install golang123git clone
https://github.com/edoardottt/cariddi.gitcd cariddiapt install golang

1.png


Hmm 🙂 !! But make sure the Go utility should be already installed, then you can install this tool with the help of given command.

go get1go get

2.png


Alright 🙂 !! Last command to install this tool and then we can become billionaire by using this tool by finding many vulnerabilities.

make linux1make linux

3.png


Good 🙂 !! Now we have reached the destination, and our tool is configured in our machine. If you have doubts or want to explore more features of this tool then you can follow the below command.

cariddi -h1cariddi-h

4.png


Let’s Start 🙂 !! So suppose if someone challenges you to identify all the hidden endpoints of a particular domain, what will you do? Now all you have to do is take the help of this tool, follow the below command, change the target according to you and that’s it. you did.

echo testphp.vulnweb.com | cariddi1echo testphp.vulnweb.com|cariddi

5.png


Nice 🙂 !! As you can see how many useful endpoints we are getting using this tool.

6.png


Hmm 🙂 !! Lets do it something different with the help of this tool.

7.png

Vulnerability Identify Scanner

Apart from that, you can use this tool as vulnerability tool.

echo testphp.vulnweb.com | cariddi -c 301echo testphp.vulnweb.com|cariddi-c30

8.png


Delicious 🙂 !! We are really astonished to see that the tool have automatically identify some of the vulnerabilities.

9.png

Specific Extension Endpint

suppose if we want to get only dot php extensions file then how can we do it? Just include “-e” fillter into your command and you will have the results as you want.

echo testphp.vulnweb.com | cariddi -e php1echo testphp.vulnweb.com|cariddi-ephp

10.png

Save Results

Done 🙂 !! In the end everyone wants to save their results, then in that case you can consider the following command.

echo testphp.vulnweb.com | cariddi -info1echo testphp.vulnweb.com|cariddi-info

11.png
About the AuthorShubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.
 
You must log in or register to reply here.

440,010

316,559

316,568

S sanlaxi
Top