-
-
Save abdulsec/02a2b7c25d7464c4c24a26e906cc8877 to your computer and use it in GitHub Desktop.
This is a simple script that bruteforces the web directory with a dictionary or wordlist, it is very simple and fast and does it works properly. You are free to modify the code according to your need.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| usage :- | |
| python <url> <wordlist> <extension> | |
| for example : | |
| python http://www.google.com/ common.txt .php | |
| it supports all extensions & wordlists. | |
| if you just want subdirectories write "/" in place of extension it will find it for you. | |
| ''' | |
| import requests | |
| import random | |
| import time | |
| import sys | |
| url = sys.argv[1] | |
| wordlist = sys.argv[2] | |
| ext = sys.argv[3] | |
| def write(word): | |
| f1 = open("write1.txt","a") | |
| f1.write(word +"\n") | |
| fo = open(wordlist,"r+") | |
| for i in range(2000): | |
| word = fo.readline(10).strip() | |
| surl = url+word+ext | |
| #print (surl) | |
| response = requests.get(surl) | |
| #print (response) | |
| if (response.status_code == 200): | |
| print ("[+] found :- ",surl) | |
| write(word) | |
| else: | |
| print ("[-] Not found :- ",surl) | |
| pass | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment