DIRS3ARCH V0.3.0 - HTTP(S) DIRECTORY/FILE BRUTE FORCER
dirs3arch is a simple command line tool designed to brute force hidden directories and files in websites.
It's written in Python 3 and all third-party libraries are included.
Operating Systems supported
- Windows XP/7/8
- GNU/Linux
- MacOSX
Features
- Multithreaded
- Keep alive connections
- Support for multiple extensions (-e|--extensions asp,php)
- Reporting (plain text, JSON)
- Detects non-existent pages even when 404 Not Found errors are masked (.htaccess, web.config, etc.)
- Recursive brute forcing
- HTTP(S) proxy support
- Batch processing (-L)
Examples
- Scan www.example.com/admin/ to find php files:
python3 dirs3arch.py -u http://www.example.com/admin/ -e php
- Scan www.example.com to find asp and aspx files with SSL:
python3 dirs3arch.py -u https://www.example.com/ -e asp,aspx
- Scan www.example.com with an alternative dictionary (from DirBuster):
python3 dirs3arch.py -u http://www.example.com/ -e php -w db/dirbuster/directory-list-2.3-small.txt
- Scan with HTTP proxy (localhost port 8080):
python3 dirs3arch.py -u http://www.example.com/admin/ -e php --http-proxy localhost:8080
- Scan with custom User-Agent and custom header (Referer):
python3 dirs3arch.py -u http://www.example.com/admin/ -e php --user-agent "My User-Agent" --header "Referer: www.google.com"
- Scan recursively:
python3 dirs3arch.py -u http://www.example.com/admin/ -e php -r
- Scan recursively excluding server-status directory and 200 status codes:
python3 dirs3arch.py -u http://www.example.com/ -e php -r --exclude-subdir "server-status" --exclude-status 200
- Scan the includes and classes directories in /admin/:
python3 dirs3arch.py -u http://www.example.com/admin/ -e php --scan-subdir "includes, classes"
- Scan without following HTTP redirects:
python3 dirs3arch.py -u http://www.example.com/ -e php --no-follow-redirects
- Scan VHOST "backend" at IP 192.168.1.1:
python3 dirs3arch.py -u http://backend/ --ip 192.168.1.1
- Scan www.example.com to find wordpress plugins:
python3 dirs3arch.py -u http://www.example.com/wordpress/wp-content/plugins/ -e php -w db/wordpress/plugins.txt
- Batch processing:
python3 dirs3arch.py -L urllist.txt -e php
Thirdparty code
- colorama
- oset
- urllib3
- sqlmap
Changelog
- 0.3.0 - 2015.2.5 Fixed issue3, fixed timeout exception, ported to Python 3, other bugfixes
- 0.2.7 - 2014.11.21 Added Url List feature (-L). Changed output. Minor Fixes
- 0.2.6 - 2014.9.12 Fixed bug when dictionary size is greater than threads count. Fixed URL encoding bug (issue2).
- 0.2.5 - 2014.9.2 Shows Content-Length in output and reports, added default.conf file (for setting defaults) and report auto save feature added.
- 0.2.4 - 2014.7.17 Added Windows support, --scan-subdir|--scan-subdirs argument added, --exclude-subdir|--exclude-subdirs added, --header argument added, dirbuster dictionaries added, fixed some concurrency bugs, MVC refactoring
- 0.2.3 - 2014.7.7 Fixed some bugs, minor refactorings, exclude status switch, "pause/next directory" feature, changed help structure, expanded default dictionary
- 0.2.2 - 2014.7.2 Fixed some bugs, showing percentage of tested paths and added report generation feature
- 0.2.1 - 2014.5.1 Fixed some bugs and added recursive option
- 0.2.0 - 2014.1.31 Initial public release