webFileScanner.pl – simple file & directory brute-force utility

Here’s a simple utility i coded up using perl + lwp to blindly request files from a webserver + print the status code that’s returned. Functionally, it’s similar to the excellent ‘Dirbuster,’ but without the overhead of Java.


jcran@marzban:~/toolkit-new/nix/brute-web$ ./webFileScanner.pl
Usage: ./webFileScanner.pl [ip or hostname] [file with urls] [https?])]


jcran@marzban:~/toolkit-new/nix/brute-web$ ./webFileScanner.pl http://0x0e.com ../../wordlist/directory-list-1.0.txt


url: http://0x0e.com/healthyliving - status: 404
url: http://0x0e.com/healthy_living - status: 404
url: http://0x0e.com/pl0p - status: 200
url: http://0x0e.com/relationships - status: 404
url: http://0x0e.com/his - status: 404
url: http://0x0e.com/history - status: 404
url: http://0x0e.com/ancient - status: 404
url: http://0x0e.com/family - status: 404

The output is grep-able & LWP makes it quite simple to add additional features as needed. For instance, you could quickly instruct LWP to save ‘status: 200’ pages to disk.

You can download the file here.

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s