⭐ Star us on GitHub — it motivates a lot! ⭐
Web path discovery
Discover with ProSecFuzz hidden files and directories on a web server.
go get https://github.com/Proviesec/PSFuzz
Summary:
- the Wordlist is a text file, each line is a path.
- Here you get suitable lists: https://github.com/Proviesec/directory-payload-list
Required
- -u/-url Example: -u https://www.google.com
- -d/-dirlist Example: -d list.txt
Optional
- -s/-status Example: -s true Default:false only Status Code 200
- -c/-concurrency Example: -c 5
- -o/-Output Example: -o true
- Multi requests
- Optional param output
- Redirect handler - 301... -> Can be activated via parameter
- Output
- TXT
- HTML
- Wildcard parameter
- Pausing progress
- Progress bar
- List of URLs
- Parameter
- Port List
- Length
- Response Status List
- Words match list title/page
- Set Optional Header
- Set request Timeout
- Add Cookies
- 403 Bypass
- Status bypass
- Show positiv false: status 200, but title 404
- Show possible false 200, same length of startsite...
- Show titel of Page
- Fingerprint check
- fuzz Parameter check (normal Response vs. with paramter)
- compare two scans
- save scan
- load scan
- optional config file
- load config
- save config
- yaml file
- Proxy
go run main.go -url https://www.google.com -d list.txt -s true -c 2