A fast, simple, recursive content discovery tool written in Rust.
MIT License
Published by epi052 almost 4 years ago
@flangyver strikes again!
Published by epi052 almost 4 years ago
🥳 Special thanks to @Sicks3c for the report that ID'd the issue 🥳
Fixed an issue where a word from the wordlist, that starts with 2 or more /'s, would fail to properly join with the given domain. When a wordlist contains words that begin with 2 forward slashes, i.e. //1_40_0/static/js, the library used for making requests joins the word onto the base url in a surprising way:
base_url: https://localhost/
word: //1_40_0/static/js
result: https://1_40_0/static/js
This is due to the fact that //... is a valid url.
Words with two or more /'s will be normalized down to 0 prepended /'s to allow for a proper join.
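The join and the normalization described above, as an added example that is not feroxbuster's code and not the request library's: join is a hand-written subset of RFC 3986 reference resolution, and every function name (split_base, join, normalize_word, stays_in_scope) is hypothetical. It shows the raw word moving the request to a different host and the normalized word staying on the base host.

```rust
// Added example: hand-written subset of RFC 3986 reference resolution.
// Not feroxbuster's code; every function name here is hypothetical.

/// Split "scheme://authority/path" into (scheme, authority, path).
fn split_base(url: &str) -> Option<(&str, &str, &str)> {
    let (scheme, rest) = url.split_once("://")?;
    let idx = rest.find('/').unwrap_or(rest.len());
    Some((scheme, &rest[..idx], &rest[idx..]))
}

/// Resolve a wordlist entry against the base URL.
fn join(base: &str, word: &str) -> Option<String> {
    let (scheme, authority, path) = split_base(base)?;
    if let Some(rest) = word.strip_prefix("//") {
        // Network-path reference: keeps the scheme, replaces the authority.
        return Some(format!("{}://{}", scheme, rest));
    }
    if word.starts_with('/') {
        // Absolute-path reference: keeps scheme and authority.
        return Some(format!("{}://{}{}", scheme, authority, word));
    }
    // Relative-path reference: appended to the directory of the base path.
    let dir = path.rfind('/').map_or("/", |i| &path[..=i]);
    Some(format!("{}://{}{}{}", scheme, authority, dir, word))
}

/// Words with two or more leading '/' are reduced to zero leading '/'.
fn normalize_word(word: &str) -> &str {
    if word.starts_with("//") { word.trim_start_matches('/') } else { word }
}

/// True when the joined URL still targets the base URL's authority.
fn stays_in_scope(base: &str, word: &str) -> bool {
    let joined = join(base, word);
    let target = joined.as_deref().and_then(split_base).map(|p| p.1);
    target.is_some() && target == split_base(base).map(|p| p.1)
}

fn main() {
    let base = "https://localhost/"; // values taken from the release note
    for word in ["//1_40_0/static/js", "/login", "admin"] {
        let fixed = normalize_word(word);
        println!("{:<20} raw: {:?} (in scope: {})", word, join(base, word), stays_in_scope(base, word));
        println!("{:<20} normalized: {:?}", "", join(base, fixed));
    }
}
```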
Published by epi052 almost 4 years ago
ex:
/admin/ => 403
/admin/login.php => 200
Published by epi052 almost 4 years ago
/ char to all sub-directories, but leave the last part of the link (possibly a file) intact
install-nix.sh to skip font install if already present
Published by epi052 almost 4 years ago
The statistics module tracks a slew of metrics about the scan. Below is a JSON representation to illustrate what gets tracked (produced with -o stuff --json)
{
"type":"statistics",
"timeouts":0,
"requests":4661,
"expected_per_scan":4658,
"total_expected":4658,
"errors":0,
"successes":23,
"redirects":11,
"client_errors":4627,
"server_errors":0,
"total_scans":1,
"initial_targets":1,
"links_extracted":0,
"status_200s":23,
"status_301s":7,
"status_302s":4,
"status_401s":0,
"status_403s":3,
"status_429s":0,
"status_500s":0,
"status_503s":0,
"status_504s":0,
"status_508s":0,
"wildcards_filtered":0,
"responses_filtered":0,
"resources_discovered":35,
"url_format_errors":0,
"redirection_errors":0,
"connection_errors":0,
"request_errors":0,
"directory_scan_times":[
9.105557468
],
"total_runtime":[
9.739999046
]
}
Published by epi052 almost 4 years ago
--filter-similar-to requests the page passed to it via CLI, after which it hashes
Published by epi052 almost 4 years ago
🎄 Special thanks to @SleepiPanda for the issue report! 🎉
Published by epi052 almost 4 years ago
--extract-links to include requesting/parsing of robots.txt to increase scan coverage
🤖 Special thanks to @mzpqnxow for the suggestion! 🤖
Published by epi052 almost 4 years ago
Published by epi052 almost 4 years ago
--time-limit).
--time-limit option
time_limit to example config
Special thanks to @mzpqnxow for the time limit suggestion 🙏
Published by epi052 almost 4 years ago
🏆 Thank you to twitter user @dissect0r for the nudge! ❤️
Published by epi052 almost 4 years ago
ctrl+c dumps a state file to disk
--resume-from to resume interrupted scans
save_state = false to ferox-config.toml
Special thanks to @flangyver for pushing me to get this one done!
Published by epi052 almost 4 years ago
🦃 Thank you to @uBadRequest for requesting this feature! 🌮
Published by epi052 almost 4 years ago
--debug-log option, which will output log entries
--output option only saves scan results (used to save scan results and log entries)
--json flag that forces both --output and --debug-log to emit JSON entries instead of normal text
💯 Thanks to @mzpqnxow for submitting the feature request and @uBadRequest for helping finalize the details! 💯
Published by epi052 almost 4 years ago
extract-links weren't being properly passed to scan logic
Published by epi052 almost 4 years ago
Thank you to @mzpqnxow for reporting these two issues! 🎉
Published by epi052 almost 4 years ago
Small bugfix that changes an optional response body read to always be true
Published by epi052 almost 4 years ago
Special Thanks to HTB user LMAY75 for the feature request 🥳 and to @evanrichter for his implementation of the feature request 🎉
Published by epi052 almost 4 years ago
--extract-links
Credit for the bug find goes to @Flangyver (again! lol)
Published by epi052 almost 4 years ago
RLIMIT_NOFILE resource (linux/macos only)
RLIMIT_NOFILE is the maximum number of file descriptors that can be opened by the process.
If the current hard limit is greater than our requested default, the soft limit is raised to the requested value.
If the hard limit is instead lower than the requested value AND the soft limit is lower than the hard limit, the soft limit is increased to be equal to the hard limit.
If both of the above conditions aren't met, nothing happens.