Gecit (Turkish: geçit) means "passage" or "gateway" — a narrow path that allows crossing from one side to another. In the context of web security, it represents the very thing an open redirect vulnerability creates: an unintended passage that lets attackers redirect users from a trusted domain to a malicious one.
Gecit is a fast, concurrent open redirect scanner written in Go. It tests target URLs against a comprehensive set of categorized payloads to detect redirect vulnerabilities.
- Concurrent scanning with configurable worker threads
- 100+ payloads across 5 categories (General, Local, Bypass, Protocol, Subdomain)
- Cloud metadata endpoint detection (AWS, GCP, Azure, DigitalOcean)
- Filter bypass techniques (URL encoding, Unicode, backslash, whitespace, CRLF)
- Randomized User-Agent headers to reduce fingerprinting
- Pipe-friendly — works seamlessly with other tools via stdin
go install -v github.com/halilkirazkaya/gecit@latestOr build from source:
git clone https://github.com/halilkirazkaya/gecit.git
cd gecit
go build -o gecit .| Flag | Short | Default | Description |
|---|---|---|---|
--url |
-u |
Single target URL | |
--list |
-l |
File containing target URLs | |
--threads |
-t |
25 |
Number of concurrent workers |
--timeout |
5 |
Request timeout in seconds |
Scan a single URL:
gecit -u "https://example.com/redirect?url="Scan from a file:
gecit -l targets.txtPipe from other tools:
cat targets.txt | gecitCombine with tools like waybackurls or gau:
echo "example.com" | waybackurls | grep -i "redirect\|url=" | gecit -t 50| Category | Description |
|---|---|
| General | Standard redirect tests with common external domains |
| Local | Localhost, internal IPs, and cloud metadata endpoints |
| Bypass | URL encoding, Unicode, backslash, whitespace, and CRLF evasion |
| Protocol | JavaScript, data, file, FTP, and WebSocket scheme tests |
| Subdomain | Subdomain-based trust boundary bypasses |