Skip to content
Related Articles

Related Articles

Improve Article
Save Article
Like Article

WWWGrep – OWASP Foundation Web Repository

  • Last Updated : 27 Dec, 2021

Grepping is the technique that allows the user to search one or more files for a specific string of text and outputs all the lines that contain the string. We can apply this technique in penetration testing for finding the HTML elements by type and permits. There is an automated tool that performs this task for us, the name of the tool is WWWGrep. WWWGrep tool is the fastest tool for performing grepping on web applications. Mainly this tool was designed to assist breakers and builders in quickly examining the large code-bases, but nowadays this tool is also used in Security. WWWGrep tool is developed in the Python Language and available on GitHub. WWWGrep tool is an open-source and free-to-use tool.

Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process – Python Installation Steps on Linux

Installation of WWWGrep Tool on Kali Linux OS

Step 1: Use the following command to install the tool in your Kali Linux operating system.

git clone https://github.com/OWASP/wwwgrep.git

Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.

cd wwwgrep

Step 3: You are in the directory of the WWWGrep. Now you have to install a dependency of the WWWGrep using the following command.

sudo pip3 install -r requirements.txt

Step 4: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.

python3 wwwgrep.py -h

Working with WWWGrep Tool on Kali Linux OS

Example 1: Find all input fields named login on a site recursively while not leaving the root domain without case sensitivity in the match

python3 wwwgrep.py -t https://clientam.com/sso/Login -i -si “login” -rr

Example 2: Find all comments containing the term “[ENDIF]” on all pages in a site

python3 wwwgrep.py -t https://www.w3schools.com/html/html_comments.asp -i -sc “[ENDIF] ” -rr

Example 3: Find all comments on a specific web page

python3 wwwgrep.py -t https://www.w3schools.com/html/html_comments.asp -i -sc “” -rr

Example 4: Find all hidden fields within a list of web applications contained in the file input.txt using site recursion

python3 wwwgrep.py -f input.txt -sf "" -rr

My Personal Notes arrow_drop_up
Recommended Articles
Page :

Start Your Coding Journey Now!