init commit

mllamazares · mllamazares · commit 6d36d97a04fb · 2024-08-22T04:17:21.000+02:00
diff --git a/README.md b/README.md
@@ -1 +1,64 @@
-# gitpaths
+# gitpaths
+
+![](https://img.shields.io/badge/license-MIT-green)
+[![](https://img.shields.io/badge/LinkedIn-0077B5?logo=linkedin&logoColor=white)](https://www.linkedin.com/in/mllamazares/)
+[![Watch on GitHub](https://img.shields.io/github/watchers/mllamazares/gitpaths.svg?style=social)](https://github.com/mllamazares/gitpaths/watchers)
+[![Star on GitHub](https://img.shields.io/github/stars/mllamazares/gitpaths.svg?style=social)](https://github.com/mllamazares/gitpaths/stargazers)
+[![Tweet](https://img.shields.io/twitter/url/https/github.com/mllamazares/gitpaths.svg?style=social)](https://twitter.com/intent/tweet?text=Check%20out%20gitpaths%21%20https%3A%2F%2Fgithub.com%2Fmllamazares%2Fgitpaths)
+
+`gitpaths` is a lightweight tool written in Go that retrieves the folder structure of a GitHub repository without needing to clone the entire content.
+
+It's perfect for quickly creating custom wordlists for fuzzing open-source apps or plugins, helping you identify which endpoints in the default repository are accessible.
+
+![gitpaths demo screenshot](demo.png)
+
+## Features
+
+- Fetches file paths from a repository using the GitHub API.
+- No API key required.
+- Supports specifying a branch within the target repository.
+- Minimal dependencies and lightweight.
+- Blazing fast! 🚀
+
+## Installation
+
+`gitpaths` requires Go 1.23 or later to install successfully. Simply run the following command to get it:
+
+```shell
+go install -v github.com/mllamazares/gitpaths@latest
+```
+
+## Usage
+
+```
+gitpaths -h
+```
+
+This will display help for the tool. Here are all the parameters it supports:
+
+```
+Usage of gitpaths:
+  -b string
+    	Branch name (optional) (default "master")
+  -h	Display help
+  -o string
+    	Output file (optional)
+  -silent
+    	Omit banner and sysout printing
+  -u string
+    	GitHub repository URL
+```
+
+### Examples
+
+To create a wordlist, run the following command:
+
+```
+gitpaths -u https://github.com/example/plugin -o plugin_wordlist.txt
+```
+
+You can then use that wordlist to test which endpoints are reachable on your target:
+
+```
+ffuf -u https://supersecret.com/FUZZ -w plugin_wordlist.txt
+```
diff --git a/demo.png b/demo.png
diff --git a/gitpaths.go b/gitpaths.go
@@ -0,0 +1,113 @@
+package main
+
+import (
+	"encoding/json"
+	"flag"
+	"fmt"
+	"net/http"
+	"os"
+	"strings"
+)
+const yellow = "\033[33m"
+const reset = "\033[0m"
+
+const banner = yellow + `
+        _ __            __  __     
+  ___ _(_) /____  ___ _/ /_/ /  ___
+ / _ \/ / __/ _ \/ _ \/ __/ _ \(_-<
+ \_, /_/\__/ .__/\_,_/\__/_//_/___/
+/___/     /_/                     ` + reset + ` v0.0.1
+
+Made by https://linkedin.com/in/mllamazares
+
+---
+
+`
+
+type ApiResponse struct {
+	Tree []struct {
+		Path string `json:"path"`
+	} `json:"tree"`
+}
+
+func main() {
+	repoUrl := flag.String("u", "", "GitHub repository URL")
+	outputFile := flag.String("o", "", "Output file (optional)")
+	branch := flag.String("b", "master", "Branch name (optional, default: master)")
+	silent := flag.Bool("silent", false, "Omit banner and sysout printing")
+	help := flag.Bool("help", false, "Display help")
+
+	flag.Parse()
+
+	fmt.Print(banner)
+
+	// Display help if -h is provided
+	if *help {
+		flag.Usage()
+		return
+	}
+
+	// Validate input
+	if *repoUrl == "" {
+		fmt.Println("Repository URL is required.")
+		flag.Usage()
+		os.Exit(1)
+	}
+
+	// Extract owner and repo name from URL provided
+	parts := strings.Split(strings.TrimPrefix(*repoUrl, "https://github.com/"), "/")
+	if len(parts) != 2 {
+		fmt.Println("Invalid repository URL format.")
+		os.Exit(1)
+	}
+	owner := parts[0]
+	repo := parts[1]
+
+	// Get the GitHub API URL
+	apiUrl := fmt.Sprintf("https://api.github.com/repos/%s/%s/git/trees/%s?recursive=1", owner, repo, *branch)
+
+	resp, err := http.Get(apiUrl)
+	if err != nil {
+		fmt.Println("Error making request:", err)
+		os.Exit(1)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		fmt.Printf("Failed to retrieve data: %s\n", resp.Status)
+		os.Exit(1)
+	}
+
+	// Parse the JSON response
+	var apiResponse ApiResponse
+	err = json.NewDecoder(resp.Body).Decode(&apiResponse)
+	if err != nil {
+		fmt.Println("Error parsing JSON:", err)
+		os.Exit(1)
+	}
+
+	// Create the output file if defined
+	var file *os.File
+	if *outputFile != "" {
+		file, err = os.Create(*outputFile)
+		if err != nil {
+			fmt.Println("Error creating output file:", err)
+			os.Exit(1)
+		}
+		defer file.Close()
+	}
+
+	// Print to sysout and optionally write the paths to the file
+	for _, item := range apiResponse.Tree {
+		if !*silent {
+			fmt.Println(item.Path)
+		}
+		if file != nil {
+			_, err := file.WriteString(item.Path + "\n")
+			if err != nil {
+				fmt.Println("Error writing to output file:", err)
+				os.Exit(1)
+			}
+		}
+	}
+}
diff --git a/go.mod b/go.mod
@@ -0,0 +1,3 @@
+module github.com/mllamazares/gitpaths
+
+go 1.23.0

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+module github.com/mllamazares/gitpaths`
	`2`	`+`
	`3`	`+go 1.23.0`