GithubHelp home page GithubHelp logo

5l1v3r1 / dir-xcan Goto Github PK

View Code? Open in Web Editor NEW

This project forked from noobiedog/dir-xcan

0.0 1.0 0.0 564 KB

Python version of OWASP's DirBuster Application.

Home Page: https://twitter.com/NoobieDog

Python 100.00%

dir-xcan's Introduction

Dir-Xcan6

Release Date: 18/12/2014

Dir-Xcan6 is a free and open source scanner. Based on the OWASP's DirBuster project that is now closed. It is mostly experimental software.

This program is for finding hidden directories that are not directly linked on a website. It find HTTP response code 200 directories and outputs the URL to file.

Changelog:

# [DONE] - Http Authentication
# [DONE] - Add COLOR.
# [DONE] - http Proxy options.
# [DONE] - Kill threads on Ctrl+C.
# [DONE] - Defaults added to Arguments.
# [DONE] - Now using Requests instead of Urllib2.
# [DONE] - Verbose modes added, prints found and Non-Authed folders.
# [DONE] - Added User-Agent option.
# [DONE] - Cookie Authentication (with multiple cookies)
# [DONE] - SOCKS Proxy options # To use TOR socks5://127.0.0.1:9050 or socks4://127.0.0.1:9050

TODO:

# Change number of threads on responce time from server.
# Fix error reporting for connection issues.
# Add Pause/Stop/Start functions to script.
# Add XML output option.
# Custom 404 page option.
# Add NTLM Authentication

--**** Use at your own risk. ****--

  • Tested on: Linux 3.2.6 Ubuntu/Debian (Backtrack & Kali)

Usage:

root@bt:~# Dir-Xcan6.py -s https://testphp.vulnweb.com -f directorylist.txt -o Dir-Xcan-results.html -n 30 -p socks5://127.0.0.1:9050 -a username:admin
            -s http://192.168.0.1 -a admin:password -u Mozilla/4.0 -V

            -s = Target domain name or ip
            -f = Filename of the list you want to scan for (Default is "directorylist.txt" thats included in the repo)
            -o = Output Filename for logging of Code 200 Responses (Default is "Dir-Xcan-results.html")
            -n = Number of threads  (Default is 5)
            -p = HTTP Proxy settings (ip:port)
            -a = HTTP Basic Authentication (Username:Password)
            -u = User-Agent String (Default is "Mozilla/5.0")
            -V = Verbose Mode, Prints 200 and 401 codes to the screen.

                    
        Other Arguments:
            
            -v = Version information
            -h = Help menu
                    
    The program will print out the code 200 HTTP Responses to the output file.
    
    It will feed you the percentage of the scan until completion and the ammount of time it took
    to complete the task.
    
    Enjoy. :]
                                                                ~/ NoobieDog

Contact Information:

[ NoobieDog ] - @NoobieDog on Twitter
			  - [email protected]
			  - www.sensepost.com // @sensepost

Original Header:

- This was written for educational purpose and pentests only. Use it at your own risk.
- Author will be not responsible for any damage!
- Toolname        : Dir-Xcan6.py
- Coder           : [email protected] // @NoobieDog
- Version         : 6.0

dir-xcan's People

Contributors

noobiedog avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.