{"id":31126794,"url":"https://github.com/ctkqiang/dirleaks","last_synced_at":"2026-05-15T13:31:32.824Z","repository":{"id":310666776,"uuid":"1040152721","full_name":"ctkqiang/dirleaks","owner":"ctkqiang","description":"dirleaks 是一款轻量级、高效的敏感路径扫描工具，专为 渗透测试人员、红队、安全研究员 设计。 它能够快速识别目标站点中常见的敏感文件、配置文件、备份文件和目录泄露问题，帮助安全从业者在信息收集阶段迅速发现潜在的攻击面。  本项目基于 C 语言 + libcurl 实现，保证了跨平台兼容性与性能，提供交互式终端菜单，简单易用，适合从个人测试到团队批量渗透任务。","archived":false,"fork":false,"pushed_at":"2025-08-20T14:51:48.000Z","size":46,"stargazers_count":6,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-09-17T23:02:32.174Z","etag":null,"topics":["c","china","chinese","clang","ctkqiang","curl","cybersecurity","dirleaks","hackertools","redteam","scanner","websecurity"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ctkqiang.png","metadata":{"files":{"readme":"Readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-08-18T14:32:57.000Z","updated_at":"2025-08-31T04:52:18.000Z","dependencies_parsed_at":"2025-08-19T15:36:10.567Z","dependency_job_id":null,"html_url":"https://github.com/ctkqiang/dirleaks","commit_stats":null,"previous_names":["ctkqiang/dirleaks"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/ctkqiang/dirleaks","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ctkqiang%2Fdirleaks","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ctkqiang%2Fdirleaks/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ctkqiang%2Fdirleaks/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ctkqiang%2Fdirleaks/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ctkqiang","download_url":"https://codeload.github.com/ctkqiang/dirleaks/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ctkqiang%2Fdirleaks/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33068356,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-15T11:35:32.926Z","status":"ssl_error","status_checked_at":"2026-05-15T11:35:31.362Z","response_time":103,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["c","china","chinese","clang","ctkqiang","curl","cybersecurity","dirleaks","hackertools","redteam","scanner","websecurity"],"created_at":"2025-09-17T23:01:04.888Z","updated_at":"2026-05-15T13:31:32.771Z","avatar_url":"https://github.com/ctkqiang.png","language":"C","funding_links":["https://ko-fi.com/F1F5VCZJU","https://www.paypal.com/paypalme/ctkqiang"],"categories":[],"sub_categories":[],"readme":"# 渗透测试敏感路径扫描工具（dirleaks）\n\n## 项目简介\n\n**dirleaks** 是一款轻量级、高效的敏感路径扫描工具，专为 **渗透测试人员、红队、安全研究员** 设计。\n它能够快速识别目标站点中常见的敏感文件、配置文件、备份文件和目录泄露问题，帮助安全从业者在信息收集阶段迅速发现潜在的攻击面。\n\n本项目基于 **C 语言 + libcurl** 实现，保证了跨平台兼容性与性能，提供交互式终端菜单，简单易用，适合从个人测试到团队批量渗透任务。\n\n---\n\n## 功能特性\n\n* **多语言支持**：内置多种常见开发语言与运行环境的路径字典\n\n  * C# / Docker / Java / PHP / Python / Linux / Windows / 通用路径\n* **批量扫描**：可一次性对指定 URL 进行全量字典探测\n* **快速检测**：基于 libcurl 实现高效 HTTP 请求与状态码解析\n* **分类结果展示**：结果分为 `[找到] / [未找到] / [错误]`，清晰直观\n* **日志功能**：\n\n  * 支持开启全局日志模式，将完整扫描结果保存到 `out/目标名.log`\n  * 日志文件包含所有状态详情，便于后续分析与归档\n* **交互式菜单**：一键选择目标类型，无需复杂命令参数\n\n---\n\n## 使用方法\n\n### 编译项目\n\n确保已安装 GCC 与 libcurl 开发包：\n\n```bash\nmake\n```\n\n### 运行工具\n\n```bash\n./dirleaks\n```\n\n运行后进入交互式菜单：\n\n```\n=== 渗透工具向导菜单 ===\n0) 扫描所有路径\n1) C#\n2) Docker\n3) 通用路径\n4) Java\n5) Linux\n6) PHP\n7) Python\n8) Windows\n请选择 [0-8]:\n```\n\n输入目标 URL（如 `http://127.0.0.1:8080`）即可自动开始扫描。\n\n### 日志输出\n\n默认在终端展示结果。若在 `dirleaks.c` 中定义全局宏：\n\n```c\n#define ENABLE_LOG 1\n```\n\n则扫描结果会自动写入：\n\n```\nout/\u003c目标域名\u003e.log\n```\n\n日志中包含所有请求路径、状态码与分类，便于后续追踪与分享。\n\n---\n\n## 结果展示示例\n\n```text\n--- 扫描 PHP ---\n[x] /.env                     [找到] 状态: 200\n[ ] /vendor/                  [未找到] 状态: 403\n[ ] /app/etc/env.php          [错误]\n```\n\n说明：\n\n* `[找到]`：目标返回状态码为 200，存在敏感路径\n* `[未找到]`：请求成功，但路径不存在（通常 403/404）\n* `[错误]`：请求过程中出现超时或网络异常\n\n---\n\n## 目录结构\n\n```\n├── dirleaks.c         # 主程序入口\n├── include/           # 头文件目录\n│   ├── csharp_path.h\n│   ├── docker_path.h\n│   ├── generic_path.h\n│   ├── http.h\n│   ├── java_path.h\n│   ├── linux_path.h\n│   ├── php_path.h\n│   ├── python_path.h\n│   ├── scanner.h\n│   ├── tui.h\n│   └── windows_path.h\n├── src/               # 源码目录\n│   ├── csharp_path.c\n│   ├── docker_path.c\n│   ├── generic_path.c\n│   ├── http.c\n│   ├── java_path.c\n│   ├── linux_path.c\n│   ├── php_path.c\n│   ├── python_path.c\n│   ├── scanner.c\n│   ├── tui.c\n│   └── windows_path.c\n├── makefile           # 编译脚本\n├── Readme.md          # 项目说明文档\n└── out/               # 扫描日志输出目录\n```\n\n---\n\n## 依赖环境\n\n* GCC 编译器\n* libcurl 开发库\n\n  * macOS: `brew install curl`\n  * Debian/Ubuntu: `sudo apt-get install libcurl4-openssl-dev`\n  * CentOS/RHEL: `sudo yum install libcurl-devel`\n\n---\n\n## 法律合规与免责声明\n\n* 本工具仅供 **授权的渗透测试、安全研究、教育学习** 使用\n* 未经授权使用本工具对目标进行扫描，可能违反相关法律法规\n* 使用者须自行承担一切法律与道德责任\n* 作者不对任何非法使用行为负责\n\n---\n\n\n## 🌟 开源项目赞助计划\n\n### 用捐赠助力发展\n\n感谢您使用本项目！您的支持是开源持续发展的核心动力。  \n每一份捐赠都将直接用于：  \n✅ 服务器与基础设施维护（魔法城堡的维修费哟~）  \n✅ 新功能开发与版本迭代（魔法技能树要升级哒~）  \n✅ 文档优化与社区建设（魔法图书馆要扩建呀~）\n\n点滴支持皆能汇聚成海，让我们共同打造更强大的开源工具！  \n（小仙子们在向你比心哟~）\n\n---\n\n### 🌐 全球捐赠通道\n\n#### 国内用户\n\n\u003cdiv align=\"center\" style=\"margin: 40px 0\"\u003e\n\n\u003cdiv align=\"center\"\u003e\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\" width=\"300\"\u003e\n\u003cimg src=\"https://github.com/ctkqiang/ctkqiang/blob/main/assets/IMG_9863.jpg?raw=true\" width=\"200\" /\u003e\n\u003cbr /\u003e\n\u003cstrong\u003e🔵 支付宝\u003c/strong\u003e（小企鹅在收金币哟~）\n\u003c/td\u003e\n\u003ctd align=\"center\" width=\"300\"\u003e\n\u003cimg src=\"https://github.com/ctkqiang/ctkqiang/blob/main/assets/IMG_9859.JPG?raw=true\" width=\"200\" /\u003e\n\u003cbr /\u003e\n\u003cstrong\u003e🟢 微信支付\u003c/strong\u003e（小绿龙在收金币哟~）\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\u003c/div\u003e\n\u003c/div\u003e\n\n#### 国际用户\n\n\u003cdiv align=\"center\" style=\"margin: 40px 0\"\u003e\n  \u003ca href=\"https://qr.alipay.com/fkx19369scgxdrkv8mxso92\" target=\"_blank\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/Alipay-全球支付-00A1E9?style=flat-square\u0026logo=alipay\u0026logoColor=white\u0026labelColor=008CD7\"\u003e\n  \u003c/a\u003e\n  \n  \u003ca href=\"https://ko-fi.com/F1F5VCZJU\" target=\"_blank\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/Ko--fi-买杯咖啡-FF5E5B?style=flat-square\u0026logo=ko-fi\u0026logoColor=white\"\u003e\n  \u003c/a\u003e\n  \n  \u003ca href=\"https://www.paypal.com/paypalme/ctkqiang\" target=\"_blank\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/PayPal-安全支付-00457C?style=flat-square\u0026logo=paypal\u0026logoColor=white\"\u003e\n  \u003c/a\u003e\n  \n  \u003ca href=\"https://donate.stripe.com/00gg2nefu6TK1LqeUY\" target=\"_blank\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/Stripe-企业级支付-626CD9?style=flat-square\u0026logo=stripe\u0026logoColor=white\"\u003e\n  \u003c/a\u003e\n\u003c/div\u003e\n\n---\n\n### 📌 开发者社交图谱\n\n#### 技术交流\n\n\u003cdiv align=\"center\" style=\"margin: 20px 0\"\u003e\n  \u003ca href=\"https://github.com/ctkqiang\" target=\"_blank\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/GitHub-开源仓库-181717?style=for-the-badge\u0026logo=github\"\u003e\n  \u003c/a\u003e\n  \n  \u003ca href=\"https://stackoverflow.com/users/10758321/%e9%92%9f%e6%99%ba%e5%bc%ba\" target=\"_blank\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/Stack_Overflow-技术问答-F58025?style=for-the-badge\u0026logo=stackoverflow\"\u003e\n  \u003c/a\u003e\n  \n  \u003ca href=\"https://www.linkedin.com/in/ctkqiang/\" target=\"_blank\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/LinkedIn-职业网络-0A66C2?style=for-the-badge\u0026logo=linkedin\"\u003e\n  \u003c/a\u003e\n\u003c/div\u003e\n\n#### 社交互动\n\n\u003cdiv align=\"center\" style=\"margin: 20px 0\"\u003e\n  \u003ca href=\"https://www.instagram.com/ctkqiang\" target=\"_blank\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/Instagram-生活瞬间-E4405F?style=for-the-badge\u0026logo=instagram\"\u003e\n  \u003c/a\u003e\n  \n  \u003ca href=\"https://twitch.tv/ctkqiang\" target=\"_blank\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/Twitch-技术直播-9146FF?style=for-the-badge\u0026logo=twitch\"\u003e\n  \u003c/a\u003e\n  \n  \u003ca href=\"https://github.com/ctkqiang/ctkqiang/blob/main/assets/IMG_9245.JPG?raw=true\" target=\"_blank\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/微信公众号-钟智强-07C160?style=for-the-badge\u0026logo=wechat\"\u003e\n  \u003c/a\u003e\n\u003c/div\u003e\n\n---\n\n🙌 感谢您成为开源社区的重要一员！  \n💬 捐赠后欢迎通过社交平台与我联系，您的名字将出现在项目致谢列表！","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fctkqiang%2Fdirleaks","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fctkqiang%2Fdirleaks","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fctkqiang%2Fdirleaks/lists"}