anmolksachan/TheTimeMachine

🚀 TheTimeMachine v3.0 - Weaponizing Wayback for Recon, BugBounties, OSINT & More!

You’ve heard of time travel in movies and comics, right? Well, this isn’t fiction anymore 😎. TheTimeMachine lets you dig through the past of any web app by scraping archived URLs from the Wayback Machine — and helps you find sensitive, forgotten, or deprecated endpoints for further exploitation.

Whether you’re into bug bounty, red teaming, or just love good ol’ recon, this tool was built to make my recon workflow faster, cleaner, and more effective. No more juggling multiple scripts — TheTimeMachine does it all in one shot.


💡 What It Does

This isn't just another Wayback scraper. Here's what TheTimeMachine brings to the table:

  • 🔎 Archived URL Fetching – Pull historical URLs from Wayback Machine.
  • 💾 Backup File Detection – Find .zip, .bak, .sql, .tar.gz, .old, and other juicy files.
  • ⚔️ Attack Mode – Scan for vulnerable endpoints using patterns/signatures:
    • XSS
    • SQLi
    • LFI
    • Open Redirects
    • WordPress Vulns
    • JIRA-based misconfig
  • 🧠 GET Parameter Mapping – Map every GET parameter to where it appears. (Great for fuzzing automation.)
  • 🧪 JWT Detection – Detect and decode JWTs embedded in archived URLs.
  • 📁 Directory Listing Detection – Find open indexed directories.
  • 🕵️ Subdomain Enumeration – Pull subdomains seen in archived data.
  • 🔍 Keyword Search – Search custom keywords like config, backup, .log, etc.
  • 🧩 Custom Payload Lists – Use your own fuzz list or signatures for custom scans.
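
The JWT detection and GET parameter mapping items above, combined into a check you can run over your own domain's archived URLs to see which parameters carried tokens and whether those tokens are still unexpired. This is an added example, not TheTimeMachine's own code; the name jwt_exposures, the finding fields and the sample URLs are assumptions made for illustration.

```python
import base64
import json
import re
from urllib.parse import parse_qsl, urlsplit

# Header and payload are base64url JSON objects, so both start with "eyJ".
JWT_RE = re.compile(r"eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*")

def _segment(b64):
    """Decode one base64url JWT segment (JWTs strip the '=' padding)."""
    obj = json.loads(base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4)))
    if not isinstance(obj, dict):
        raise ValueError("JWT segment is not a JSON object")
    return obj

def jwt_exposures(urls, now):
    """One finding per JWT carried in a query parameter. Signatures are not
    verified; the claims are only decoded to decide what needs revoking."""
    findings = []
    for url in urls:
        parts = urlsplit(url)
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            for match in JWT_RE.finditer(value):
                try:
                    header, payload = map(_segment, match.group(0).split(".")[:2])
                except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
                    continue
                exp = payload.get("exp")
                expired = isinstance(exp, (int, float)) and exp <= now
                findings.append({
                    "host": parts.netloc, "path": parts.path, "param": name,
                    "alg": header.get("alg"), "claims": sorted(payload),
                    "still_valid": not expired,  # no "exp" claim: never expires
                })
    return findings

def _token(payload):
    """Build a sample token with a dummy signature (constructed test data)."""
    segs = [base64.urlsafe_b64encode(json.dumps(p).encode()).rstrip(b"=")
            for p in ({"alg": "HS256", "typ": "JWT"}, payload)]
    return b".".join(segs + [b"c2ln"]).decode()

# Constructed sample of archived URLs (assumed format: one URL per entry).
SAMPLE_URLS = [
    "https://app.example.com/reset?token=" + _token({"sub": "42", "exp": 1500000000}),
    "https://api.example.com/v1/export?fmt=csv&auth=" + _token({"sub": "svc"}),
    "https://example.com/search?q=eyJxx.eyJyy.zz",  # JWT-shaped, not decodable
]
```

A finding with still_valid set to True reflects only the exp claim; the issuing service still has to revoke or rotate the token, because the archived copy of the URL stays public.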

⚙️ Installation

Tested on Python 3 across Ubuntu/Kali/Windows.

git clone https://github.com/anmolksachan/TheTimeMachine
cd TheTimeMachine
pip3 install -r requirements.txt

🚀 Usage

python3 thetimemachine.py <target.com> [OPTIONS]

Note: Don't use http:// or https:// in the domain — just pass domain.com or sub.domain.com.


📋 Options

Option            Description
--fetch           Fetch archived URLs from Wayback
--backups         Scan for exposed backup/config files
--attack [type]   Run attack mode (xss, sqli, lfi, redirect, jira, wp, custom)
--jwt             Detect & decode JWT tokens
--subdomains      Extract subdomains from historical URLs
--parameters      Extract GET parameters & map them to URLs
--listings        Detect open directory listings

🔍 Example Workflows

Fetch all Wayback URLs

python3 thetimemachine.py example.com --fetch

Look for exposed backup files

python3 thetimemachine.py example.com --backups

Look for directory listing

python3 thetimemachine.py example.com --listings

Scan for possible XSS points

python3 thetimemachine.py example.com --attack xss

Map parameters from archived data

python3 thetimemachine.py example.com --parameters

Extract JWTs

python3 thetimemachine.py example.com --jwt

And much more

usage: thetimemachine.py [-h] [--fetch] [--jwt] [--backups] [--subdomains] [--listings] [--attack {xss,sqli,lfi,redirect,jira,wp,fuzz}] [--menu]
                         [--parameters]
                         target

📁 Output Structure

All results are neatly saved under the content/ directory:

content/
└── example.com/
    ├── example.com_URLs.txt
    ├── example.com_xss.txt
    ├── example.com_sqli.txt
    ├── example.com_parameters.txt
    ├── example.com_subdomain.txt
    └── ...

✍️ Add Your Own Payloads

You can fully customize the payloads for XSS, SQLi, fuzzing, etc. Just edit the respective .txt files inside the repo and fire away!


🧠 Why I Built This

I'm not a full-time bug bounty hunter, but I needed a tool that’d do fast recon, find juicy endpoints, and give me enough leads to manually dig deeper. Got my HOF on multiple VDPs and bugbounty, including NOKIA, Mediatek, and more.



🙌 Shoutouts


🌎 Community

  1. Simple Recon on Android using TheTimeMachine + Dirsearch (Medium)
  2. Michel Kartner – YouTube
  3. @cyb_detective’s Tweet

📬 Contact

DMs are open – reach out to me on @FR13ND0x7F


⭐️ Support

If this tool helped you, drop a star on the repo or follow me on Twitter — that’s all I ask 😄


👨‍💻 Author

Author: Anmol K. Sachan | Twitter/ X: @FR13ND0x7F
Co-author: Chaudhary_S4h4b | Twitter/ X: @Chaudhary_S4h4b


⚒️ Issues

Version 3.0 is under development. If you see any issues, please open an issue and we will be happy to take a look and fix it.

  • --menu is still a work in progress; you can use --attack directly instead.
  • --backups should also output the archived URL, similar to WayBackupFinder.