基于爬虫结果的web路径扫描程序。
对于目录为http://test.com/a/的url,它将尝试获取:
http://test.com/a.zip
http://test.com/a.rar
http://test.com/a.tar.gz
...
对于文件为http://test.com/b.php的url,它将尝试获取:
http://test.com/b.php.bak
http://test.com/b.php.1
...
- 需要:蟒蛇2.7
bcrpscan.py (-i import_url_list_file | -u url) [-c cookie_file] [-d db_path] [-h]
$ python bcrpscan.py -i test_urls
2014-04-20 19:43:03,484 INFO: http://192.168.1.6/test
2014-04-20 19:43:13,625 INFO: http://192.168.1.6/test67187c0f
2014-04-20 19:43:13,632 INFO: http://192.168.1.6/test.tar.gz
2014-04-20 19:43:13,638 INFO: http://192.168.1.6/test.zip
2014-04-20 19:43:13,646 INFO: http://192.168.1.6/test.rar
2014-04-20 19:43:13,733 INFO: http://192.168.1.667187c0f
2014-04-20 19:43:13,862 INFO: http://192.168.1.6/test.tar.bz2
2014-04-20 19:43:13,867 INFO: [+] http://192.168.1.6/test.rar
2014-04-20 19:43:23,847 INFO: http://192.168.1.6/test.rar250
------------------------------
Probed web paths:
http://192.168.1.6/test.rar
版权所有(c)2014 secfree,根据GPL许可证发布