w3bfukk0r is a forced browsing tool, it basically scans webservers (HTTP/HTTPS) for a directory by using HTTP HEAD command and brute force mechanism based on a word list. Features: HTTP/HTTPS(SSL) support Banner grabbing User-Agent faking Proxy support (HTTP/S) Reports found and non-existend directories Example output:
1 2 3 4 5 6 7 8 9 10 11 12 13 |
w3bfukk0r http://nion.modprobe.de Starting w3bfukk0r 0.2 Scanning http://nion.modprobe.de/ with 76 words from words.txt Found http://nion.modprobe.de/tmp/ (HTTP 200) Found http://nion.modprobe.de/blog/ (HTTP 200) Found http://nion.modprobe.de/img/ (HTTP 200) Found http://nion.modprobe.de/setup/ (HTTP 200) Found 4 directories. Server runs: Apache/2.0.54 (Debian GNU/Linux) PHP/5.1.4-0.1~bpo2 Scan finished (5 seconds). |
Note: Not all webservers are handling HTTP status codes […]