brave-search
CLI tool for cybersecurity workflows that queries Brave Search API and extracts URLs from the results. Clean output, pagination support, rate limiting, retries, proxy support (HTTP / SOCKS5).
brave-search is a modern, Linux-first command-line tool maintained by a member of Haltman.io. It queries the Brave Search API and extracts URLs only, producing clean, pipeline-friendly output for cybersecurity workflows.
Typical use cases:
-
OSINT URL collection
-
Recon pipelines (seed URLs for crawlers/scanners)
-
Brand and domain footprint discovery
-
Automated search-driven enrichment
Installation
Requirements
- Go 1.22+
- Valid Brave Search API key
git clone https://github.com/haltman-io/brave-search.git
cd brave-search
go build -o brave-search ./cmd/brave-search
./brave-search -h
go install github.com/haltman-io/brave-search/cmd/brave-search@latest
brave-search -h
Configuration
API key configuration (required)
brave-search -ak "YOUR_API_KEY" -sq "site:example.com"
On first run, the tool ensures a config file exists next to the executable:
.brave-search.yaml
Initial structure:
api_keys: []
Add one or more keys:
api_keys:
- "KEY_1"
- "KEY_2"
Keys are rotated per request.
Usage
Basic search
brave-search -sq "site:thc.org" --debug --all
Multiple queries
Comma-separated:
brave-search -sq "site:example.com,site:example.org"
Repeatable flags:
brave-search -sq "site:example.com" -sq "site:example.org"
From file:
brave-search -sqf queries.txt
From stdin (explicit):
cat queries.txt | brave-search --stdin
Pagination
Manual page control:
brave-search -sq "site:example.com" --count 20 --page 0
Auto-pagination (recommended):
brave-search -sq "site:example.com" --all
Output to file (sorted & deduplicated)
brave-search -sq "site:example.com" --all -o urls.txt
- Results are sorted and deduplicated
- One URL per line
- File is overwritten if it exists
Proxy and TLS usage
HTTP proxy + TLS bypass (common with Burp/ZAP):
brave-search -sq "site:example.com" --proxy http://127.0.0.1:8080 -k
SOCKS5 proxy:
brave-search -sq "site:example.com" --proxy socks5://127.0.0.1:9050
Possible Problems / Important Notes
Rate limits
- Default tool limit: 5 requests/second
- Brave API tiers may enforce stricter limits (e.g., 1 rps)
If you see 429 RATE_LIMITED:
brave-search -sq "site:example.com" --rate-limit 1
Increase retry wait time:
brave-search -sq "site:example.com" --retry-wait-time 5s
Retries and failures
- Default retries: 3
- If retries are exhausted, the tool exits with a fatal error (intentional to avoid silent data loss)
STDIN behavior
- Reading from stdin is disabled by default
- You must explicitly enable it with
--stdin
TLS bypass warning
brave-search -k disables TLS verification. Use only in controlled lab environments where MITM visibility is expected.
External References
Last updated Feb 12, 2026
Built with Documentation.AI