TheTimeMachine
Weaponizing WaybackUrls for Recon, BugBounties, OSINT, Sensitive Endpoints and what not
🚀 TheTimeMachine v3.0 - Weaponizing Wayback for Recon, BugBounties, OSINT & More!
You’ve heard of time travel in movies and comics, right? Well, this isn’t fiction anymore 😎. TheTimeMachine lets you dig through the past of any web app by scraping archived URLs from the Wayback Machine — and helps you find sensitive, forgotten, or deprecated endpoints for further exploitation.
Whether you’re into bug bounty, red teaming, or just love good ol’ recon, this tool was built to make my recon workflow faster, cleaner, and more effective. No more juggling multiple scripts — TheTimeMachine does it all in one shot.
🧩 Featured At
| Conference | Year | Track / Showcase |
| ----------------- | ---- | ------------------------- |
| Defcon33 - Las Vegas, NV | 2025 | Demo Labs |
| BSides Mumbai | 2025 | Tools Arsenal Showcase |
| OSINT Conference | 2025 | OSINT Conference |
| Null Bangalore × OWASP Bangalore | 2025 | Monthly Meetup |
| BSides Delaware | 2025 | Conference |
| BSides Agra | 2025 | Conference |
| Wild West Hackin' Fest (Denver, Colorado) | 2026 | Conference |
| Announcing Soon! | 20XX | Announcing Soon! |
💡 What It Does
This isn't just another Wayback scraper. Here's what TheTimeMachine brings to the table:
- 🔎 Archived URL Fetching – Pull historical URLs from Wayback Machine.
- 💾 Backup File Detection – Find .zip, .bak, .sql, .tar.gz, .old, and other juicy files.
- ⚙️ Historical Backups – Looks for historical backups for the identified backup files.
- ⚔️ Attack Mode – Scan for vulnerable endpoints using patterns/signatures:
  - XSS
  - SQLi
  - LFI
  - Open Redirects
  - WordPress Vulns
  - JIRA-based misconfig
- 🧠 GET Parameter Mapping – Map every GET parameter to where it appears. (Great for fuzzing automation.)
- 🧪 JWT Detection – Detect and decode JWTs embedded in archived URLs.
- 📁 Directory Listing Detection – Find open indexed directories.
- 🕵️ Subdomain Enumeration – Pull subdomains seen in archived data.
- 🔍 Keyword Search – Search custom keywords like config, backup, .log, etc.
- 🧩 Custom Payload Lists – Use your own fuzz list or signatures for custom scans.
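To show what the JWT detection and GET parameter mapping features look for when you audit your own domain's archive, here is an added sketch; it is not TheTimeMachine's code. The function names, the regex and the sample URLs are assumptions constructed for illustration.

```python
import base64
import json
import re
from collections import defaultdict
from urllib.parse import parse_qsl, unquote, urlsplit

def _b64url(obj):
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

# Constructed sample data (not real archive output); the signature is a placeholder.
SAMPLE_JWT = ".".join([
    _b64url({"alg": "HS256", "typ": "JWT"}),
    _b64url({"sub": "user-1001", "exp": 1700000000}),
    "c2lnbmF0dXJlLXBsYWNlaG9sZGVy",
])
ARCHIVED_URLS = [
    "https://example.com/reset?token=" + SAMPLE_JWT + "&lang=en",
    "https://example.com/search?q=shoes&lang=de",
    "https://example.com/cb?state=eyJhbGci.eyJzdWIi.x",  # JWT-shaped, truncated
]

# base64url of a JSON object starts with "eyJ" (the bytes '{"').
JWT_RE = re.compile(r"eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*")

def _decode_segment(seg):
    padded = seg + "=" * (-len(seg) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(padded))

def find_jwts(urls):
    """Return (url, header, payload) for each JWT that decodes; no signature check."""
    hits = []
    for url in urls:
        for token in JWT_RE.findall(unquote(url)):
            head, body, _sig = token.split(".")
            try:
                hits.append((url, _decode_segment(head), _decode_segment(body)))
            except ValueError:  # bad base64 or not JSON: a look-alike, skip it
                continue
    return hits

def map_parameters(urls):
    """Map each GET parameter name to the sorted host/path pairs where it appears."""
    seen = defaultdict(set)
    for url in urls:
        parts = urlsplit(url)
        for name, _value in parse_qsl(parts.query, keep_blank_values=True):
            seen[name].add(parts.netloc + parts.path)
    return {name: sorted(paths) for name, paths in seen.items()}
```

Any token this surfaces was at some point sent in a URL and stored by a third party, so treat it as disclosed and rotate the signing key or revoke the session regardless of its `exp` claim.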
⚙️ Installation
Tested on Python 3 across Ubuntu/Kali/Windows.
git clone https://github.com/anmolksachan/TheTimeMachine
cd TheTimeMachine
pip3 install -r requirements.txt
🚀 Usage
python3 thetimemachine.py <target.com> [OPTIONS]
Note: Don't use http:// or https:// in the domain — just pass domain.com or sub.domain.com.
📋 Options
| Option | Description |
| ----------------- | ------------------------------------------------------------ |
| --fetch | Fetch archived URLs from Wayback |
| --backups | Scan for exposed backup/config files |
| --attack [type] | Run attack mode (xss, sqli, lfi, redirect, jira, wp, custom) |
| --jwt | Detect & decode JWT tokens |
| --subdomains | Extract subdomains from historical URLs |
| --parameters | Extract GET parameters & map them to URLs |
| --listings | Detect open directory listings |
🔁 Example Workflows
Fetch all Wayback URLs
python3 thetimemachine.py example.com --fetch
Look for exposed backup files
python3 thetimemachine.py example.com --backups
Look for directory listing
python3 thetimemachine.py example.com --listings
Scan for possible XSS points
python3 thetimemachine.py example.com --attack xss
Map parameters from archived data
python3 thetimemachine.py example.com --parameters
Extract JWTs
python3 thetimemachine.py example.com --jwt
And much more
usage: thetimemachine.py [-h] [--fetch] [--jwt] [--backups] [--subdomains] [--listings] [--attack {xss,sqli,lfi,redirect,jira,wp,fuzz}] [--menu]
[--parameters]
target
📁 Output Structure
All results are neatly saved under the content/ directory:
content/
└── example.com/
    ├── example.com_URLs.txt
    ├── example.com_xss.txt
    ├── example.com_sqli.txt
    ├── example.com_parameters.txt
    ├── example.com_subdomain.txt
    └── ...
✍️ Add Your Own Payloads
You can fully customize the payloads for XSS, SQLi, fuzzing, etc. Just edit the respective .txt files inside the repo and fire away!
🧠 Why I Built This
I'm not a full-time bug bounty hunter, but I needed a tool that’d do fast recon, find juicy endpoints, and give me enough leads to manually dig deeper. Got my HOF on multiple VDPs and bugbounty, including NOKIA, Mediatek, and more.
📸 Demo
https://github.com/user-attachments/assets/e07155ed-52b5-45e4-91aa-297a5caeac3a
Note: This is just a demo and doesn't cover the full potential of the tool.
🙌 Shoutouts
📝 Blogs
- The Time Machine — Weaponizing WaybackUrls for Recon, BugBounties , OSINT, Sensitive Endpoints and what not v1.0
- Time Traveling for Bugs: How The Time Machine v3.0 Uncovered an XSS on REDACTED.com
- How “The Time Machine v3.0” Landed Me in the CERT-In Hall of Fame
🌎 Community
- Simple Recon on Android using TheTimeMachine + Dirsearch (Medium)
- Michel Kartner – YouTube
- @cyb_detective’s Tweet
- @cyb_detective’s Tweet v3.0
- The Ultimate Guide to the Time Machine Way Back URL Crawler for OSINT
- OSINT resources
- Cyber Detective's OSINT tools collection
- Unlock the Full Potential of the Wayback Machine for Bug Bounty
- TheTimeMachine for Bug Bounties & OSINT
📬 Contact
DMs are open – reach out to me on @FR13ND0x7F
⭐️ Support
If this tool helped you, drop a star on the repo or follow me on Twitter — that’s all I ask 😄
👨‍💻 Author
Author: Anmol K. Sachan | Twitter/X: @FR13ND0x7F
Co-author: Chaudhary_S4h4b | Twitter/X: @Chaudhary_S4h4b
⚒️ Issues
Version 3.0 is under development. If you see any issues, please open an issue and we are happy to take a look and fix it.
- --menu work is in progress; you can use --attack directly instead.
- listings: enhanced detection capability with aggressive mode.
