Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/JohnWoodman/FES
Fast Endpoint Scanner
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/JohnWoodman/FES
- Owner: JohnWoodman
- Created: 2020-07-17T21:49:16.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2020-12-23T04:50:16.000Z (about 4 years ago)
- Last Synced: 2024-08-05T17:42:50.967Z (5 months ago)
- Language: Rust
- Size: 152 MB
- Stars: 52
- Watchers: 3
- Forks: 6
- Open Issues: 1
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - JohnWoodman/FES - Fast Endpoint Scanner (Rust)
README
# FES - Fast Endpoint Scanner
A web application endpoint scanner written in Rust, designed to put less load on the domains it scans, with parsing features to help pull out the important results (inspired by tomnomnom's meg).
```
_____ _____ _____
/\ \ /\ \ /\ \
/::\ \ /::\ \ /::\ \
/::::\ \ /::::\ \ /::::\ \
/::::::\ \ /::::::\ \ /::::::\ \
/:::/\:::\ \ /:::/\:::\ \ /:::/\:::\ \
/:::/__\:::\ \ /:::/__\:::\ \ /:::/__\:::\ \
/::::\ \:::\ \ /::::\ \:::\ \ \:::\ \:::\ \
/::::::\ \:::\ \ /::::::\ \:::\ \ ___\:::\ \:::\ \
/:::/\:::\ \:::\ \ /:::/\:::\ \:::\ \ /\ \:::\ \:::\ \
/:::/ \:::\ \:::\____\/:::/__\:::\ \:::\____\/::\ \:::\ \:::\____\
\::/ \:::\ \::/ /\:::\ \:::\ \::/ /\:::\ \:::\ \::/ /
\/____/ \:::\ \/____/ \:::\ \:::\ \/____/ \:::\ \:::\ \/____/
\:::\ \ \:::\ \:::\ \ \:::\ \:::\ \
\:::\____\ \:::\ \:::\____\ \:::\ \:::\____\
\::/ / \:::\ \::/ / \:::\ /:::/ /
\/____/ \:::\ \/____/ \:::\/:::/ /
\:::\ \ \::::::/ /
\:::\____\ \::::/ /
\::/ / \::/ /
\/____/ \/____/
```
## Installation
### Debian Based
[You can download the latest binary or .deb file from the releases page](https://github.com/JohnWoodman/FES/releases)
### Building From Source
1. Make sure you have cargo and rust installed
2. Git clone the repo
3. cd into the git repo and run `cargo build --release`
4. The binary is located at `target/release/fes`
5. You can then symlink to the binary or move it to a directory in your PATH
## Usage
```
fes 1.1
John Woodman
Fast Endpoint Scanner Built In Rust

USAGE:
    fes [FLAGS] [OPTIONS] --paths --urls

FLAGS:
    -a, --anomalies          Output sorted anomalous responses based on hashed response body (use with -t, default
                             threshold is 3) (requires -g flag)
    -r, --follow-redirect    Follow redirects (up to 10)
    -s, --hash-output        Store only the hash of the response body (takes up a lot less space)
    -h, --help               Prints help information
    -V, --version            Prints version information
    -v, --verbose            Verbose output

OPTIONS:
    -f, --status-code=
            Filter and store only the specified status codes (comma separated)
    -g, --parse
            Specify this flag for parsing an existing fes output directory (this flag is required in order to use the
            following parsing flags: --anomalies (-a), --keyword (-k), --anomaly-threshold (-t)
    -d, --disallowed-status-code=
            Filter and don't store the specified status codes (comma separated)
    -k, --keyword=
            Specify keywords to search for in responses to output (comma separated) (requires -g flag)
    -t, --anomaly-threshold
            Specify the minimum threshold of duplicate responses for anomalies (requires -g flag)
    -c, --concurrency        Set the number of parallel requests [default: 20]
    -o, --output             Specify the directory for output [default: fes_out]
    -p, --paths              File with list of endpoints
    -x, --timeout            Specify the timeout (in seconds) for the requests [default: 3]
    -u, --urls               File with list of urls
```
## Examples
The below example scans the given urls.txt for the given paths.txt, only saving responses with status code 200 (-f=200), following redirects (-r), sending 100 requests at a time (-c 100), and storing the output in the directory `test_output/` (-o test_output):
```
fes --paths paths.txt --urls urls.txt -f=200 -r -c 100 -o test_output
```
The below example is parsing an already existing FES output directory (-g test_output/), printing unique responses (-a), and printing responses that contain the keyword "password" (-k=password):
```
fes -g test_output/ -a -k=password
```
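To make the parsing step above concrete, here is an added example (not code from FES) of triaging stored responses by body hash and by keyword. The `Response` struct, the use of std's `DefaultHasher` as the body hash, the reading of the threshold as "fewer than N identical bodies", and the sample data are all assumptions.

```rust
use std::collections::hash_map::DefaultHasher;
use std::collections::HashMap;
use std::hash::{Hash, Hasher};

/// One stored response (hypothetical shape; FES's on-disk layout is not shown here).
pub struct Response<'a> { pub url: &'a str, pub body: &'a str }

/// Stand-in body hash from std; an assumption, not necessarily the hash FES uses.
fn body_hash(body: &str) -> u64 {
    let mut h = DefaultHasher::new();
    body.hash(&mut h);
    h.finish()
}

/// Bodies seen fewer than `threshold` times (assumed meaning of -t), rarest first.
pub fn anomalies<'a>(responses: &[Response<'a>], threshold: usize) -> Vec<(usize, Vec<&'a str>)> {
    let mut groups: HashMap<u64, Vec<&'a str>> = HashMap::new();
    for r in responses {
        groups.entry(body_hash(r.body)).or_default().push(r.url);
    }
    let mut out: Vec<_> = groups
        .into_values()
        .filter(|urls| urls.len() < threshold)
        .map(|urls| (urls.len(), urls))
        .collect();
    out.sort(); // by group size, then by URL list, so output is deterministic
    out
}

/// URLs whose body contains any keyword (the -k style search).
pub fn keyword_hits<'a>(responses: &[Response<'a>], keywords: &[&str]) -> Vec<&'a str> {
    let hit = |body: &str| keywords.iter().any(|k| body.contains(*k));
    responses.iter().filter(|r| hit(r.body)).map(|r| r.url).collect()
}

/// Constructed sample: three identical soft-404 pages and two distinct bodies.
pub fn sample() -> Vec<Response<'static>> {
    vec![
        Response { url: "https://a.example/admin", body: "<h1>Not Found</h1>" },
        Response { url: "https://a.example/backup", body: "<h1>Not Found</h1>" },
        Response { url: "https://a.example/test", body: "<h1>Not Found</h1>" },
        Response { url: "https://a.example/login", body: "<form>password</form>" },
        Response { url: "https://a.example/status", body: "uptime: 3 days" },
    ]
}

fn main() {
    println!("{:?}\n{:?}", anomalies(&sample(), 3), keyword_hits(&sample(), &["password"]));
}
```

With a threshold of 3, the three identical "Not Found" bodies drop out and only the two one-off responses remain for review.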