How to Install Cariddi on Kali Linux?
In this section, we will see the detailed steps to install the Cariddi tool on the Kali Linux Operating System. So follow the below steps to get the Cariddi tool ready for usage on our system without encountering any problems.
Step 1: Firstly, on the Kali Linux system, we need to launch the terminal, as all the commands that need to be executed are done on the terminal of the Linux system. We can launch the Terminal from the Application Menu or by using the shortcut “CTRL + ALT + T“.
Step 2: Execute the below command to clone (download) a Git repository from a remote source, the URL points to the Cariddi repository on GitHub. The git clone command creates a local copy of the entire repository on your system.
git clone https://github.com/edoardottt/cariddi.git
Step 3: After running the git clone command, we’ll have a new directory created in your current location. In this case, the directory is named “cariddi” because it corresponds to the repository’s name on GitHub.So navigate to that directory using the cd command.
cd cariddi
Step 4: As this tool is a Go Programming-based tool, we need to have Golang language installed on our system, we can install it by executing the below apt command in the terminal.
sudo apt install golang
Step 5: After installation, we need to download and install packages and dependencies for the tool. So below command fetches the source code, compiles it, and makes it available for use.
go get ./...
Step 6: Now, we need to build the Cariddi tool for Linux OS. So we need to execute the below command which will compile the source code and generate an executable binary that can be run on a Linux system, allowing us to use Cariddi for security testing and reconnaissance tasks.
make linux
Step 7: Once the tool gets built for Linux OS, we can run the below help command to get the help page of the tool and confirm the successful installation of the tool.
cariddi -h
Cariddi – Hidden Endpoint Finder for Bug Hunting
Cariddi tool in Kali Linux is an open-source tool that is used for reconnaissance, vulnerability assessment, and also for security testing of Web-based applications. This tool allows hackers, security professionals, bug hunters, and penetration testers to crawl domain URLs and scan for various types of information, including endpoints, secrets, API keys, file extensions, and tokens. Cariddi is highly configurable and provides a wide range of options for tailoring your testing approach. In this article, we will see the installation steps of the Cariddi tool in Kali Linux, Key Features, and practical examples to perform testing on the target application.
Features:
- Endpoint Discovery: Cariddi can discover and enumerate endpoints, which are specific URLs or web application paths, that might be of interest during security testing. These endpoints often include login pages, admin panels, or other critical application functionality.
- Secrets Detection: The tool is capable of identifying secrets and sensitive information in the target domain, which can include hardcoded API keys, credentials, or other confidential data.
- File Extension Scanning: Cariddi can search for various file extensions on the target domain. This is useful for identifying files that may contain sensitive information, such as configuration files or backup files.
- Customization: Cariddi allows you to customize your testing by specifying custom parameters for endpoint hunting and custom regular expressions for secret detection.
- Concurrency and Delay Control: You can control the concurrency level for crawling and set delays between requests to avoid overloading the target server.
- HTTP Response Storage: The tool can store HTTP responses, enabling you to further analyze the server’s behavior.
Contact Us