This plugin finds directories on a web server by brute-forcing their names using a wordlist. Given the large amount of time that this plugin can consume, by default, it will only try to identify directories in the web root (“/”), ignoring the path that is sent as its input. Two configurable parameters exist:
- wordlist: The wordlist to be used in the directory bruteforce process.
- be_recursive: If set to True, this plugin will bruteforce all
directories, not only the root directory.
|wordlist||input_file||plugins/crawl/dir_bruter/common_dirs_small.db||Wordlist to use in directory bruteforcing process.||No detailed help available|
|be_recursive||boolean||True||If set to True, this plugin will bruteforce all directories, not only the root directory.||WARNING: Enabling this will make the plugin send LOTS of requests.|
For more information about this plugin and the associated tests, there’s always the source code to understand exactly what’s under the hood:
Plugin source code
Unittest source code
This plugin has no dependencies.