Awesome
bcrpscan
Base on crawler result web path scanner.
For a url which is a directory: http://test.com/a/, it will try to get:
http://test.com/a.zip
http://test.com/a.rar
http://test.com/a.tar.gz
...
For a url which is a file: http://test.com/b.php, it will try to get:
http://test.com/b.php.bak
http://test.com/b.php.1
...
Install
- Need: Python2.7
Usage
bcrpscan.py (-i import_url_list_file | -u url) [-c cookie_file] [-d db_path] [-h]
Example
$ python bcrpscan.py -i test_urls
2014-04-20 19:43:03,484 INFO: http://192.168.1.6/test
2014-04-20 19:43:13,625 INFO: http://192.168.1.6/test67187c0f
2014-04-20 19:43:13,632 INFO: http://192.168.1.6/test.tar.gz
2014-04-20 19:43:13,638 INFO: http://192.168.1.6/test.zip
2014-04-20 19:43:13,646 INFO: http://192.168.1.6/test.rar
2014-04-20 19:43:13,733 INFO: http://192.168.1.667187c0f
2014-04-20 19:43:13,862 INFO: http://192.168.1.6/test.tar.bz2
2014-04-20 19:43:13,867 INFO: [+] http://192.168.1.6/test.rar
2014-04-20 19:43:23,847 INFO: http://192.168.1.6/test.rar250
------------------------------
Probed web paths:
http://192.168.1.6/test.rar
Copyright (c) 2014 secfree, released under the GPL license