🚩
Practical CTF
BlogContact
  • 🚩Home - Practical CTF
  • 🌐Web
    • Enumeration
      • Finding Hosts & Domains
      • Masscan
      • Nmap
      • OSINT
    • Client-Side
      • Cross-Site Scripting (XSS)
        • HTML Injection
        • Content-Security-Policy (CSP)
      • CSS Injection
      • Cross-Site Request Forgery (CSRF)
      • XS-Leaks
      • Window Popup Tricks
      • CRLF / Header Injection
      • WebSockets
      • Caching
    • Server-Side
      • SQL Injection
      • NoSQL Injection
      • GraphQL
      • XML External Entities (XXE)
      • HTTP Request Smuggling
      • Local File Disclosure
      • Arbitrary File Write
      • Reverse Proxies
    • Frameworks
      • Flask
      • Ruby on Rails
      • NodeJS
      • Bun
      • WordPress
      • Angular
    • Chrome Remote DevTools
    • ImageMagick
  • 🔣Cryptography
    • Encodings
    • Ciphers
    • Custom Ciphers
      • Z3 Solver
    • XOR
    • Asymmetric Encryption
      • RSA
      • Diffie-Hellman
      • PGP / GPG
    • AES
    • Hashing
      • Cracking Hashes
      • Cracking Signatures
    • Pseudo-Random Number Generators (PRNG)
    • Timing Attacks
    • Blockchain
      • Smart Contracts
      • Bitcoin addresses
  • 🔎Forensics
    • Wireshark
    • File Formats
    • Archives
    • Memory Dumps (Volatility)
    • VBA Macros
    • Grep
    • Git
    • File Recovery
  • ⚙️Reverse Engineering
    • Ghidra
    • Angr Solver
    • Reversing C# - .NET / Unity
    • PowerShell
  • 📟Binary Exploitation
    • ir0nstone's Binary Exploitation Notes
    • Reverse Engineering for Pwn
    • PwnTools
    • ret2win
    • ret2libc
    • Shellcode
    • Stack Canaries
    • Return-Oriented Programming (ROP)
      • SigReturn-Oriented Programming (SROP)
      • ret2dlresolve
    • Sandboxes (chroot, seccomp & namespaces)
    • Race Conditions
  • 📲Mobile
    • Setup
    • Reversing APKs
    • Patching APKs
    • HTTP(S) Proxy for Android
    • Android Backup
    • Compiling C for Android
    • iOS
  • 🌎Languages
    • PHP
    • Python
    • JavaScript
      • Prototype Pollution
      • postMessage Exploitation
    • Java
    • C#
    • Assembly
    • Markdown
    • LaTeX
    • JSON
    • YAML
    • CodeQL
    • NASL (Nessus Plugins)
    • Regular Expressions (RegEx)
  • 🤖Networking
    • Modbus - TCP/502
    • Redis/Valkey - TCP/6379
  • 🐧Linux
    • Shells
    • Bash
    • Linux Privilege Escalation
      • Enumeration
      • Networking
      • Command Triggers
      • Command Exploitation
      • Outdated Versions
      • Network File Sharing (NFS)
      • Docker
      • Filesystem Permissions
    • Analyzing Processes
  • 🪟Windows
    • The Hacker Recipes - AD
    • Scanning/Spraying
    • Exploitation
    • Local Enumeration
    • Local Privilege Escalation
    • Windows Authentication
      • Kerberos
      • NTLM
    • Lateral Movement
    • Active Directory Privilege Escalation
    • Persistence
    • Antivirus Evasion
    • Metasploit
    • Alternate Data Streams (ADS)
  • ☁️Cloud
    • Kubernetes
    • Microsoft Azure
  • ❔Other
    • Business Logic Errors
    • Password Managers
    • ANSI Escape Codes
    • WSL Tips
Powered by GitBook
On this page
  • Description
  • Options
  1. Forensics

Grep

Search for text inside of files

Description

Grep is a really useful tool for quickly finding what you're looking for. If you know a file somewhere has some content, or just want to find all files with a certain pattern in them, Grep is the perfect tool for the job. It's written in C and highly optimized, meaning you can quickly search through lots of files.

$ grep [OPTIONS...] PATTERNS [FILES...]
  • OPTIONS can be any flags to change the way the search works, or matches are displayed

  • PATTERNS are a string containing one or more patterns to search for, separated by newline characters (\n). To put a newline character in an argument you can use the $'first\nsecond' syntax

  • FILES are the files to search through for the PATTERNS. If not specified, it will read from standard input (piping into grep). If in recursive mode with -r, it will default to the current directory but can be any directory

Simple example
$ grep something file.txt
And here is something.

See all documentation about the options with man grep

Options

The are a few common and really useful options to know in Grep:

  • -r: Recursively search a directory (default: current)

  • -v: Invert search, matching lines where no match

  • -i: Search case-insensitive (uppercase/lowercase doesn't matter)

  • -n: Print the line number of the match in the file

  • -o: Only output match (no text around)

  • -a: Show all matches (also binary files)

  • -b: Show byte-offset of matches

  • -l: List files that match instead of showing the match

  • Simple Regular Expressions (RegEx) are enabled by default in PATTERNS

    • -F: Treat PATTERNS as fixed strings, not regular expressions

    • -P: Use perl-compatible regular expressions (PCRE) including all advanced RegEx features

Some options are also available by using egrep (-E), fgrep (-F) and rgrep (-r) to quickly set the options without having to add the flag.

Examples
# # Select files and output
$ grep -r "something"  # Search recursively in current directory for "something"
$ grep -v "something" file.txt  # Find all lines in file that don't match "something"
$ grep "something" *.txt  # Search "something" in all .txt files (current directory only)
$ grep -r "something" --include "*.txt"  # Recursivly search "something" in .txt files
$ grep -ab "something" file.bin  # Show all (binary) matches and byte-offset
$ grep -r -l "something"  # List filenames that match "something" recursively
$ grep -B2 -A5 "something" file.txt  # Show 2 lines before, and 5 lines after match

# # Patterns
$ grep -r -i "something"  # Search case-insensitively for "something"
$ grep "CTF{.*}" file.txt  # Search for flag format in file
$ grep -P "\x73\x6f\x6d\x65\x74\x68\x69\x6e\x67" file.txt  # Search for hex bytes in file
$ xxd -p file.txt | grep "aabbccdd"  # Search for hex bytes using xxd
$ grep $'first\nsecond' file.txt  # Search for multiple patterns in one file
PreviousVBA MacrosNextGit

Last updated 1 year ago

Tip: Also check out for a Rust implementation of most grep features, with better defaults for recursive searching while skipping unnecessary files

🔎
ripgrep