14.08.2011, 14:03
|
|
Познавший АНТИЧАТ
Регистрация: 16.07.2010
Сообщений: 1,022
Провел на форуме:
262707
Репутация:
935
|
|
По моему самый лучший инструмент, это OWASP DirBuster:
Код:
https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project#tab=Download
Преимущества:
- Multi threaded has been recorded at over 6000 requests/sec
- Works over both http and https
- Scan for both directory and files
- Will recursively scan deeper into directories it finds
- Able to perform a list based or pure brute force scan
- DirBuster can be started on any directory
- Custom HTTP headers can be added
- Proxy support
- Auto switching between HEAD and GET requests
- Content analysis mode when failed attempts come back as 200
- Custom file extensions can be used
- Performance can be adjusted while the program in running
- Supports Basic, Digest and NTLM auth
- Command line * GUI interface
Так же на сайте производителя есть база: - directory-list-2.3-small.txt - (87650 words) - Directories/files that where found on at least 3 different hosts
- directory-list-2.3-medium.txt - (220546 words) - Directories/files that where found on at least 2 different hosts
- directory-list-2.3-big.txt - (1273819 words) - All directories/files that where found
- directory-list-lowercase-2.3-small.txt - (81629 words) - Case insensitive version of directory-list-2.3-small.txt
- directory-list-lowercase-2.3-medium.txt - (207629 words) - Case insensitive version of directory-list-2.3-medium.txt
- directory-list-lowercase-2.3-big.txt - (1185240 words) - Case insensitive version of directory-list-2.3-big.txt
- directory-list-1.0.txt - (141694 words) - Original unordered list
- apache-user-enum-1.0.txt - (8916 usernames) - Used for guessing system users on apache with the
- userdir module enabled, based on a username list I had lying around (unordered)
- apache-user-enum-2.0.txt - (10341 usernames) - Used for guessing system users on apache with the
- userdir module enabled, based on ~XXXXX found during list generation (Ordered)
Код:
http://downloads.sourceforge.net/dirbuster/DirBuster-Lists.tar.bz2?use_mirror=osdn
|
|
|