šŸ“‚ Fastest Directory Bruteforcers

This page compares popular directory bruteforcing tools and includes handy scripts and online tools for usage.

Feroxbuster

A fast and simple directory/file bruteforcer written in Rust.

feroxbuster -u http://target -w wordlist.txt -r -x .php,.sql,.bak,.conf
#!/bin/bash

# ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€ā”€
# šŸŒ Ask for Target URL
read -p "šŸ”— Enter target URL (e.g., https://example.com): " TARGET_URL

# šŸ“„ Ask for Wordlist path
read -p "šŸ“‚ Enter path to wordlist (e.g., /usr/share/seclists/...): " WORDLIST

# šŸ§© File extensions to test (compressed, no spaces)
EXTS=$(echo ".php,.asp,.aspx,.jsp,.cgi,.pl,.py,.rb,.go,.conf,.cfg,.ini,.yaml,.yml,.json,.xml,.env,.bak,.old,.backup,.zip,.tar,.tar.gz,.rar,.7z,.txt,.log,.md,.csv,.sql,.db,.sqlite,.sqlite3,.test,.dev,.temp,.tmp,.example,.sample,.swp,.orig,.html,.htm,.js,.css,.map,.git,.svn,.DS_Store,.htaccess,.htpasswd,.pdf,.doc,.docx,.xls,.xlsx,.ppt,.pptx,.pem,.crt,.key,.p12,.pfx" | tr -d ' ')

# šŸ Start the scan
echo -e "\nšŸš€ Starting feroxbuster scan on $TARGET_URL ..."
feroxbuster -u "$TARGET_URL" \
  -w "$WORDLIST" \
  -x "$EXTS" \
  -r -t 100 --depth 3 \
  --status-codes 200,204,301,302,403 \
  -o "ferox-output.txt"

# šŸ“¦ Done!
echo -e "\nāœ… Scan complete. Output saved to: ferox-output.txt"

āš ļø Actual speeds may vary depending on server response time, connection quality, and system resources.

Feroxbuster Extractor Tool

← Go Back