jeudi 29 décembre 2016

DIRS3ARCH V0.3.0 - HTTP(S) DIRECTORY/FILE BRUTE FORCER

DIRS3ARCH V0.3.0 - HTTP(S) DIRECTORY/FILE BRUTE FORCER


dirs3arch is a simple command line tool designed to brute force hidden directories and files in websites.

It's written in python3 3 and all thirdparty libraries are included.

Operating Systems supported
  • Windows XP/7/8
  • GNU/Linux
  • MacOSX

Features
  • Multithreaded
  • Keep alive connections
  • Support for multiple extensions (-e|--extensions asp,php)
  • Reporting (plain text, JSON)
  • Detect not found web pages when 404 not found errors are masked (.htaccess, web.config, etc).
  • Recursive brute forcing
  • HTTP(S) proxy support
  • Batch processing (-L)

Examples
  • Scan www.example.com/admin/ to find php files: 
    python3 dirs3arch.py -u http://www.example.com/admin/ -e php
  • Scan www.example.com to find asp and aspx files with SSL:
    python3 dirs3arch.py -u https://www.example.com/ -e asp,aspx
  • Scan www.example.com with an alternative dictionary (from DirBuster):
    python3 dirs3arch.py -u http://www.example.com/ -e php -w db/dirbuster/directory-list-2.3-small.txt
  • Scan with HTTP proxy (localhost port 8080):
    python3 dirs3arch.py -u http://www.example.com/admin/ -e php --http-proxy localhost:8080
  • Scan with custom User-Agent and custom header (Referer):
    python3 dirs3arch.py -u http://www.example.com/admin/ -e php --user-agent "My User-Agent" --header "Referer: www.google.com"
  • Scan recursively:
    python3 dirs3arch.py -u http://www.example.com/admin/ -e php -r
  • Scan recursively excluding server-status directory and 200 status codes:
    python3 dirs3arch.py -u http://www.example.com/ -e php -r --exclude-subdir "server-status" --exclude-status 200
  • Scan includes, classes directories in /admin/
    python3 dirs3arch.py -u http://www.example.com/admin/ -e php --scan-subdir "includes, classes"
  • Scan without following HTTP redirects:
    python3 dirs3arch.py -u http://www.example.com/ -e php --no-follow-redirects
  • Scan VHOST "backend" at IP 192.168.1.1:
    python3 dirs3arch.py -u http://backend/ --ip 192.168.1.1
  • Scan www.example.com to find wordpress plugins:
    python3 dirs3arch.py -u http://www.example.com/wordpress/wp-content/plugins/ -e php -w db/wordpress/plugins.txt
  • Batch processing:
    python3 dirs3arch.py -L urllist.txt -e php

Thirdparty code
  • colorama
  • oset
  • urllib3
  • sqlmap

Changelog
  • 0.3.0 - 2015.2.5 Fixed issue3, fixed timeout exception, ported to python33, other bugfixes
  • 0.2.7 - 2014.11.21 Added Url List feature (-L). Changed output. Minor Fixes
  • 0.2.6 - 2014.9.12 Fixed bug when dictionary size is greater than threads count. Fixed URL encoding bug (issue2).
  • 0.2.5 - 2014.9.2 Shows Content-Length in output and reports, added default.conf file (for setting defaults) and report auto save feature added.
  • 0.2.4 - 2014.7.17 Added Windows support, --scan-subdir|--scan-subdirs argument added, --exclude-subdir|--exclude-subdirs added, --header argument added, dirbuster dictionaries added, fixed some concurrency bugs, MVC refactoring
  • 0.2.3 - 2014.7.7 Fixed some bugs, minor refactorings, exclude status switch, "pause/next directory" feature, changed help structure, expaded default dictionary
  • 0.2.2 - 2014.7.2 Fixed some bugs, showing percentage of tested paths and added report generation feature
  • 0.2.1 - 2014.5.1 Fixed some bugs and added recursive option
  • 0.2.0 - 2014.1.31 Initial public release

Aucun commentaire:

Enregistrer un commentaire