# Install gau with Homebrew, MacPorts, Nix

Open Threat Exchange, Wayback Machine, and Common Crawl URL fetcher. Version 2.2.4 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:gau
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install gau
```

  Evidence: local Homebrew formula metadata

- MacPorts (94%):

```sh
sudo port install gau
```

  Evidence: MacPorts ports tree: www/gau/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#gau
```

  Evidence: nixpkgs package indexes: pkgs/by-name/ga/gau/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

## Package facts

- **Package key:** brew:gau
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/gau>
- **Version:** 2.2.4
- **Source summary:** Open Threat Exchange, Wayback Machine, and Common Crawl URL fetcher
- **Homepage:** <https://github.com/lc/gau>
- **Repository:** <https://github.com/lc/gau>
- **Upstream docs:** <https://github.com/lc/gau#readme>
- **License:** MIT
- **Source archive:** <https://github.com/lc/gau/archive/refs/tags/v2.2.4.tar.gz>
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- gau (cli)
- gau (alias)

## Build dependencies

- go

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, sonoma, ventura, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 2.2.4
- Local data: ok
- Upstream repository: https://github.com/lc/gau
- Upstream latest detected: v2.2.4 (current)
- info: No package-manager update timestamp was available.
## Project history and usage

getallurls, commonly packaged as `gau`, is a reconnaissance CLI that fetches known URLs for domains from AlienVault Open Threat Exchange, the Wayback Machine, Common Crawl, and URLScan. It is aimed at security researchers and bug bounty workflows that need historical and third-party URL discovery.

### Project history

The project was created in February 2020 and reached a v1.0 release in April 2020. The README says gau was inspired by Tomnomnom's `waybackurls`, and the v2.0.4 release in November 2021 introduced a rewrite with speed improvements, a new URLScan provider, configuration-file loading, new filters, and SOCKS5 proxy support.

### Adoption history

Official installation options include `go install`, cloning and building from source, downloading GitHub release binaries, and Docker. The input curation also records Homebrew, MacPorts, and Nix package availability, showing the tool's spread through common security-tool package channels.

### How it is used

gau accepts domains from arguments or stdin and can run with worker threads, write results to a file, filter by extensions, status codes, MIME types, date ranges, providers, and proxy settings, and output JSON. It automatically looks for `$HOME/.gau.toml` or `%USERPROFILE%\.gau.toml` unless an alternate config is supplied.

### Why package nerds care

gau is package-nerd-significant because it turns multiple web-archive and threat-intelligence sources into a composable Unix-style CLI. Its short name also collides with an oh-my-zsh git alias, a small but memorable packaging and shell-environment wrinkle documented by the project.

### Timeline

- 2020: Public GitHub repository created.
- 2020: v1.0 released.
- 2021: v2.0.4 rewrite release added URLScan, config loading, filters, and SOCKS5 proxy support.
- 2024: v2.2.4 release published.

### Related projects

- gau is inspired by Tomnomnom's `waybackurls` and depends conceptually on AlienVault OTX, the Wayback Machine, Common Crawl, and URLScan as URL providers.

### Sources

- <https://github.com/lc/gau>
- <https://github.com/lc/gau/releases>
- <https://github.com/lc/gau/releases/tag/v2.0.4>


## Security Notes

narrow executable package without higher-risk signals.

- **Geiger risk:** green / low
- narrow executable package without higher-risk signals


## Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.


## Configuration files

- Unix: ~/.gau.toml
- Windows: %USERPROFILE%\.gau.toml
## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** gau
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Other Package-Manager Records

- Nix - gau: normalized package name match | nixpkgs package indexes: pkgs/by-name/ga/gau/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- MacPorts - gau: normalized package name match | MacPorts ports tree: www/gau/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1


## Related links

- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Language runtime packages](https://www.automicvault.com/pkg/language-runtime-packages/) - Matched language runtime, compiler, or interpreter metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [go](https://www.automicvault.com/pkg/brew/go/) - Build dependency declared by Homebrew.
- [favirecon](https://www.automicvault.com/pkg/brew/favirecon/) - Shares av.db curated category or tags: cli, go, reconnaissance, security.
- [amass](https://www.automicvault.com/pkg/brew/amass/) - Shares av.db curated category or tags: cli, reconnaissance, security.
- [bbot](https://www.automicvault.com/pkg/brew/bbot/) - Shares av.db curated category or tags: cli, reconnaissance, security.
- [chaos-client](https://www.automicvault.com/pkg/brew/chaos-client/) - Shares av.db curated category or tags: cli, go, reconnaissance, security.
- [csprecon](https://www.automicvault.com/pkg/brew/csprecon/) - Shares av.db curated category or tags: cli, reconnaissance, security.
- [observerward](https://www.automicvault.com/pkg/brew/observerward/) - Shares av.db curated category or tags: cli, reconnaissance, security.
- [recon-ng](https://www.automicvault.com/pkg/brew/recon-ng/) - Shares av.db curated category or tags: cli, reconnaissance, security.
- [subfinder](https://www.automicvault.com/pkg/brew/subfinder/) - Shares av.db curated category or tags: cli, reconnaissance, security.
- [uncover](https://www.automicvault.com/pkg/brew/uncover/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, discovery, reconnaissance, security.
- [dnsgen](https://www.automicvault.com/pkg/brew/dnsgen/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, discovery, reconnaissance, security.

## Combined YAML source

View the package source record on GitHub. [combined/gau.yml](https://github.com/automic-vault/db/blob/main/combined/gau.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated configuration and credential file locations
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
