
The gau (Get All URLs) tool is a versatile open-source utility that collects URLs from various sources, including Wayback Machine, Common Crawl, VirusTotal, and URLScan, for a given domain. It’s commonly used in web application security testing to enumerate endpoints, discover hidden resources, or identify potential vulnerabilities. By leveraging these sources, gau allows security professionals to identify API endpoints, sensitive files, or other resources that might not be immediately visible in a standard web crawl. This aids in identifying misconfigurations, outdated software versions, and exposed assets. So before wait a minutes lets gets start 😛 !!
Let’s take a look 🙂 !!
Dependencies
Now first we need to set the enviroment varibale of our terminal by using the command mentioned below.
1 | export GO111MODULE=on; |
All set to lauch the command to install the tool with the go utility on your terminal by using the command mentioned below.
1 | go install github.com/lc/gau/v2/cmd/gau@latest |
COOL 🙂 !! Althrough if you stuck somwhere once the tool gets install then you can use help command to dump the entire usage of this tool. In order to observer the response of this tool, we use the command mentioned below where all you need to provide the just domain name of which you want to grab sensiitve information and that’s it.
1 | gau vulnweb.com |
Hmmm 🙂 !! As we said earlier there is help command exist in this used for findout the useful syntex to get much bettter information.
1 | gau -h |
Additonally 🙂 !! If you want to get deep detiasl about domain and his subdomain as well then use can try below command once.
1 | gau --subs vulnweb.com |

A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.