攻击性安全工具：Troll-A

# Install dependencies
brew install re2 
# Install with RE2 activated
go install -tags re2_cgo github.com/crissyfield/troll-a@v1.0.0

# Install dependencies
sudo apt install -u build-essential libre2-dev
# Install with RE2 activated
go install -tags re2_cgo github.com/crissyfield/troll-a@v1.0.0

Usage:  troll-a [flags] url    This tool allows to extract (potential) secrets such as passwords, API keys, and tokensfrom WARC (Web ARChive) files. Extracted information is output as structured text orgJSON, which simplifies further processing of the data.
"url" can be either a regular HTTP or HTTPS reference ("https://domain/path"), an AmazonS3 reference ("s3://bucket/path"), or a file path (either "file:///path" or simply"path"). If the data is compressed with either GZip, BZip2, or ZStd it is automaticallydecompressed. ZStd with a prepended custom dictionary (as used by "*.megawarc.warc.zstd")is also handled transparently.
This tool uses rules from the Gitleaks project (https://gitleaks.io) to detect secrets.

Flags:  -e, --enclosed               only report secrets that are enclosed within their context  -h, --help                   help for troll-a  -j, --jobs uint              detect secrets with this many concurrent jobs (default 8)  -s, --json                   output detected secrets as JSON  -p, --preset rules-preset    rules preset to use. This could be one of the following:                               all:         All known rules will be applied, which can                                            result in a significant amount of noise for                                            large data sets.                               most:        Most of the rules are applied, skipping the                                            biggest culprits for false positives.                               secret:      Only rules are applied that are most likely                                            to result in an actual leak of a secret.                               No other values are allowed. (default secret)  -q, --quiet                  suppress success message(s)  -r, --retry retry-strategy   retry strategy to use. This could be one of the following:                               never:       This strategy will fail after the first fetch                                            failure and will not attempt to retry.                               constant:    This strategy will attempt to retry up to 5                                            times, with a 5s delay after each attempt.                               exponential: This strategy will attempt to retry for 15                                            minutes, with an exponentially increasing                                            delay after each attempt.                               always:      This strategy will attempt to retry forever,                                            with no delay at all after each attempt.                               No other values are allowed. (default never)  -t, --timeout duration       fetching timeout (does not apply to files) (default 30m0s)  -v, --version                version for troll-a

# Download the list of all 90.000 WARC paths
curl -sSL -O https://data.commoncrawl.org/crawl-data/CC-MAIN-2023-50/warc.paths.gz
# Iterate through all paths using 64 scanning jobs, output matches as JSON
gzcat warc.paths.gz | 
xargs -I{} -- troll-a -e -s -j64 https://data.commoncrawl.org/{} > secrets.json

https://wiki.archiveteam.org/index.php

# Call troll-a directly with the MegaWARC URLtroll-a -e https://archive.org/download/archiveteam_pastebin_20230421003309_a3b951b4/pastebin_20230421003309_a3b951b4.1603050931.megawarc.warc.zst