Garud An Automation Tool To Scans Sub-Domains
Garud An Automation Tool To Scans Sub-Domains

Garud: An Automation Tool To Scans Sub-Domains

I made this tool to automate my recon and save my time. It really give me headache always type such command and then wait to complete one command and I type other command. So I collected some of the tools which is widely used in the bugbounty field. In this script I used Assetfinder, subfinder, amass, httpx, sublister, gauplus and gf patterns and then it uses dirsearch, dalfox, nuclei and kxss to find some low hanging fruits.

The script first enumerates all the subdomains of the give target domain using assetfinder, sublister, subfinder and amass then filters all live domains from the whole subdomain list then it extarct titles of the subdomains using httpx then it scans for subdomain takeover using nuclei. Then it uses gauplus to extract paramters of the given subdomains then it use gf patterns to filters xss, ssti, ssrf, sqli params from that given subdomains and then it scans for low hanging fruits as well. Then it’ll save all the output in a text file like target-xss.txt. Then it will send the notifications about the scan using notify.

Garud's operational map
Garud’s operational map

Install & Use

Installation – Make sure you’re root before installing the tool

git clone && cd Garud/ && chmod +x garud && mv garud /usr/bin/ && ./


█▀▀ ▄▀█ █▀█ █░█ █▀▄
█▄█ █▀█ █▀▄ █▄█ █▄▀

coded by R0X4R in INDIA with <3

Usage: -d       target you want to scan (
Usage: -f       output directory where you want to save file (~/target-output/)
Usage: -t       Add threads to get results more faster (default=100)
Usage: -b       Add your xss server for Blind XSS (-b
Usage: -x       Exclude out of scope domains (~/out-domains.txt)

garud -d -f target-output -x except.txt -t 200 -b

Slack Bot

wget ~/
pip3 install slackclient slacker

Add your slack token in file.

Token key for Slack Bot
Token key for Slack Bot

Error: Reposity not found. Please check your URL.