Python tool for enumerating directories and for fuzzing

Related tags

Security related resourcesdirEnum
Overview

dirEnum

Python tool for enumerating directories and for fuzzing

Download the tool with following command from shell:

git clone https://github.com/confusedHatHacker/dirEnum

After cloning change directories and go to dirEnum folder. Run the following command from shell:

pip install -r requirements.txt

Usage instructions: python dirEnum.py -u -w [options]

Optional arguments for dirEnum

optional arguments:
  -h, --help        show this help message and exit
  -u , --url        Enter url[:port] to scan
  -w , --wordlist   Enter wordlist location
  -e , --ext        Enter extensions to scan (eg., php,html)
  -t , --threads    Enter number of threads
  -m , --mode       choose between FUZZ (fuzzing) or DIR(directory enumeration) [Default: dir]

Examples:

python dirEnum.py -u 192.168.0.1 -w wordlist.txt -m dir -e php,html,txt -t 20
python dirEnum.py -u 192.168.0.1 -w wordlist.txt -m fuzz -t 20

Please note: For fuzzing change mode with -m option, by default it is in dir mode/does directory enumeration.

Owner
Gourab Roy
Love to code
Gourab Roy
GitHub Repository
ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

ExProlog ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065) Usage: exprolog.py [OPTIONS] ExProlog -

Herwono W. Wijaya 130 Dec 15, 2022
CVE-2021-21985 VMware vCenter Server远程代码执行漏洞 EXP (更新可回显EXP)

CVE-2021-21985 CVE-2021-21985 EXP 本文以及工具仅限技术分享,严禁用于非法用途,否则产生的一切后果自行承担。 0x01 利用Tomcat RMI RCE 1. VPS启动JNDI监听 1099 端口 rmi需要bypass高版本jdk java -jar JNDIIn

r0cky 355 Aug 03, 2022
This repository is one of a few malware collections on the GitHub.

This repository is one of a few malware collections on the GitHub.

Andrew 1.7k Dec 28, 2022
A quick script to spot the usage of Unicode Bidi (bidirectional) characters that could lead to an Invisible Backdoor

Invisible Backdoor Detector is a little Python script that allows you to spot and remove Bidi characters that could lead to an invisible backdoor. If you don't know what that is you should check the

SecSI 28 Dec 29, 2022
GitHub Advance Security Compliance Action

advanced-security-compliance This Action was designed to allow users to configure their Risk threshold for security issues reported by GitHub Code Sca

Mathew Payne 121 Dec 14, 2022
Generate malicious files using recently published bidi-attack (CVE-2021-42574)

CVE-2021-42574 - Code generator Generate malicious files using recently published bidi-attack vulnerability, which was discovered in Unicode Specifica

js-on 7 Nov 09, 2022
A Python script that can be used to check if a SAP system is affected by CVE-2022-22536

Vulnerability assessment for CVE-2022-22536 This repository contains a Python script that can be used to check if a SAP system is affected by CVE-2022

Onapsis Inc. 42 Dec 01, 2022
Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口

Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口快速查询资产信息并识别重点资产的指纹,也可针对IP/IP段或资产列表进行快速的指纹识别。

s7ck Team 764 Jan 05, 2023
Magicspoofing - A python3 script for search possible misconfiguration in a DNS related to security protections of email service from the domain name

A python3 script for search possible misconfiguration in a DNS related to security protections of email service from the domain name. This project is for educational use, we are not responsible for i

20 Dec 02, 2022
Simple tool to create passwords.

PasswordGenerator Simple password generator: -Simplisitc Window Application -Allows Numbers, Symbols & letters upper and lowercase -Restricts rows of

DM 1 Jan 10, 2022
A collection of write-ups and solutions for Cyber FastTrack Spring 2021.

IMPORTANT: Please contact us before you use any styling or content shown here! Cyber FastTrack Spring 2021 / National Cyber Scholarship Competition -

Alice 48 Aug 28, 2022
Log4j2 intranet scan

Log4j2-intranet-scan ⚠️ 免责声明 本项目仅面向合法授权的企业安全建设行为,在使用本项目进行检测时,您应确保该行为符合当地的法律法规,并且已经取得了足够的授权 如您在使用本项目的过程中存在任何非法行为,您需自行承担相应后果,我们将不承担任何法律及连带责任 在使用本项目前,请您务

k3rwin 16 Dec 19, 2022
LdapRelayScan - Check for LDAP protections regarding the relay of NTLM authentication

LDAP Relay Scan A tool to check Domain Controllers for LDAP server protections r

315 Dec 18, 2022
Web-eyes - OSINT tools for website research

WEB-EYES V1.0 web-eyes: OSINT tools for website research, 14 research methods ar

8 Nov 10, 2022
python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)

python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)

1frame 266 Jan 02, 2023
The self-hostable proxy tunnel

TTUN Server The self-hostable proxy tunnel. Running Running: docker run -e TUNNEL_DOMAIN=Your tunnel domain -e SECURE=True if using SSL ghcr.io/to

Tom van der Lee 2 Jan 11, 2022
Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell

Unauthenticated Sqlinjection that leads to dump database but this one impersonated Admin and drops a interactive shell

sam 16 Nov 09, 2022
A local Socks5 server written in python, used for integrating Multi-hop

proxy-Zata proxy-Zata v1.0 This is a local Socks5 server written in python, used for integrating Multi-hop (Socks4/Socks5/HTTP) forward proxy then pro

4 Feb 24, 2022
Simple script to have LDAP authentication in Home Assistant Docker, using NGINX's ldap-auth container

Home Assistant LDAP Auth Simple script to have LDAP authentication in Home Assistant Docker, using NGINX's ldap-auth container. Usage Deploy NGINX's l

Erik 1 Sep 21, 2022
A terminal based web shell controller

shell-hack Tribute to Chinese ant sword; A Powerful terminal based webshell controller; Usage : Usage : python3 shell-hack.py --url [URL] --w

s1mple 10 Dec 28, 2021