gfx

command module

v1.0.2 Latest Latest Go to latest Published: Feb 11, 2023 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/dwisiswant0/gfx

Links

Open Source Insights

README ¶

gfx

A wrapper around grep to avoid typing common patterns.

Note: This is a fork version of gf developed by Tom Hudson that includes several improvements.

What? Why?

I use grep a lot. When auditing code bases, looking at the output of meg, or just generally dealing with large amounts of data. I often end up using fairly complex patterns like this one:

$ grep -HnrE '(\$_(POST|GET|COOKIE|REQUEST|SERVER|FILES)|php://(input|stdin))' *

It's really easy to mess up when typing all of that, and it can be hard to know if you haven't got any results because there are non to find, or because you screwed up writing the pattern or chose the wrong flags.

Usage

It's fairly easy!

$ gfx --help
gfx [OPTIONS...] pattern-name

Options:
  -s, --save        Save a pattern
  -l, --list        List available patterns
  -d, --dump        Print the grep command of patterns instead
      --rm          Remove patterns
  -h, --help        Print this helps

Examples:
  gfx aws*
  gfx -d aws*
  gfx --rm aws*
  gfx --save pattern-name '-Hnri' 'search-pattern'

Example

I want to run grep with the pattern below all at once:

$ gfx -l 2>&1 | grep google
google-account-type_secrets
google-api-key_secrets
google-calendar-uri_secrets
google-captcha_secrets
google-client-email_secrets
google-client-id_secrets
google-client-secret_secrets
google-cloud-platform-api-key_secrets
google-cloud-platform-oauth_secrets
google-gcp-service-account_secrets
google-maps-api-key_secrets
google-oauth-access-token_secrets
google-oauth-id_secrets
google-oauth_secrets
google-patterns_secrets
google-private-key_secrets
google-url_secrets

You can supply a pattern name by entering a glob pattern:

$ gfx google-*

Note: Keep in mind that the pattern name serves as a globbing for both the dump and remove (--rm) flags.

$ gfx -d google-*
[google-account-type_secrets] grep -aHnoPr "google[_-]?account[_-]?type(=| =|:| :)" .
[google-calendar-uri_secrets] grep -aHnoPr "https://www\\.google\\.com/calendar/embed\\?src=[A-Za-z0-9%@&;=\\-_\\./]+" .
[google-client-email_secrets] grep -aHnoPr "google[_-]?client[_-]?email(=| =|:| :)" .
[google-client-secret_secrets] grep -aHnoPr "google[_-]?client[_-]?secret(=| =|:| :)" .
[google-cloud-platform-oauth_secrets] grep -aHnoPr "[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com" .
[google-oauth-access-token_secrets] grep -aHnoPr "ya29\\.[0-9A-Za-z\\-_]+" .
[google-oauth_secrets] grep -aHnoPr "(ya29.[0-9A-Za-z-_]+)" .

Pattern Files

The pattern definitions are stored in ~/.gf as little JSON files that can be kept under version control:

$ cat ~/.gf/php-sources.json
{
    "flags": "-HnrE",
    "pattern": "(\\$_(POST|GET|COOKIE|REQUEST|SERVER|FILES)|php://(input|stdin))"
}

To help reduce pattern length and complexity a little, you can specify a list of multiple patterns too:

$ cat ~/.gf/php-sources-multiple.json
{
    "flags": "-HnrE",
    "patterns": [
        "\\$_(POST|GET|COOKIE|REQUEST|SERVER|FILES)",
        "php://(input|stdin)"
    ]
}

You can use the -save flag to create pattern files from the command line:

$ gfx --save 'php-serialized' '-HnrE' '(a:[0-9]+:{|O:[0-9]+:"|s:[0-9]+:")'

Or if you want to remove 'em:

$ gfx --rm 'php-serialized'

Using custom engines

There are some amazing code searching engines out there that can be a better replacement for grep. A good example is the silver searcher. It's faster (like way faster) and presents the results in a more visually digestible manner.

In order to utilize a different engine, add engine: <other tool> to the relevant pattern file:

# Using the silver searcher instead of grep for the aws-keys pattern:
# 1. Adding "ag" engine
# 2. Removing the E flag which is irrelevant for ag

{
  "engine": "ag",
  "flags": "-Hanr",
  "pattern": "([^A-Z0-9]|^)(AKIA|A3T|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{12,}"
}

Warning: Different engines use different flags, so in the example above, the flag E has to be removed from the aws-keys.json file in order for ag to successfully run.

Install

Download a pre-built binary from release page, unpack and run! Or

with Go

If you've got Go 1.19+ installed and configured you can install gfx with:

go install github.com/dwisiswant0/gfx/...

from Source

Clone this repository, and run:

go build ./...
install gfx $GOBIN

To get started with patterns quickly, see also:

License

gfx is distributed under MIT. Contributions are welcome! See LICENSE file.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL