4 releases
| 0.1.4 | Jun 17, 2023 |
|---|---|
| 0.1.3 | Jun 16, 2023 |
| 0.1.2 | Jun 16, 2023 |
| 0.1.1 | Jun 16, 2023 |
| 0.1.0 |
|
#10 in #force
30KB
183 lines
WBUSTER
Description ❤
A simple tool for brute forcing web directories! This tool is designed to be used in a penetration testing environment and is not intended for malicious use. Only supports GET requests and single sweep at the moment. Note: This is one of my first Rust projects, so the code is not the best. I am still learning the language and will continue to improve the code as I learn more. This is also a very early version of the tool, so there are still many features that I plan to add 😅
Screenshots 📸
Installation 📥
Cargo Install
cargo install wbuster
From Source
git clone https://github.com/0bject-0bject/wbuster.git
cd wbuster
cargo build --release
./target/release/wbuster
Usage 🧰
This tool works with the dirbuster word lists (txt only), and any other word list that is formatted the same way. The tool will automatically remove any comments and blank lines from the word list. The tool will also automatically add a "/" to the end of the URL if it is not already there.
This tool also works with json files that are formatted like this
{
"directories": [
"/path1",
"/path2",
"/path3"
]
}
CLI example:
wbuster --path PATH/TO/WORDLIST.TXT --url URL --threads 10 --timeout 10
Arguments 📝
| Argument | Description | Example | Required | Default |
|---|---|---|---|---|
| --path | Path to wordlist | --path /usr/share/wordlists/dirb/common.txt | True | Null |
| --url | URL to brute force | --url http://example.com | True | Null |
| --threads | Number of threads to use | --threads 10 | False | 1 |
| --timeout | Timeout for each request (seconds) | --timeout 10 | False | 10 |
Examples 📚
wbuster --path /usr/share/wordlists/dirb/common.txt --url http://example.com
wbuster --path /usr/share/wordlists/dirb/common.txt --url http://example.com --threads 10 --timeout 10
License 📜
Licensed under the MIT license (LICENSE)
Dependencies
~6–18MB
~257K SLoC