https://github.com/phra/nodebuster

DirBuster for Node.js
https://github.com/phra/nodebuster

Last synced: about 2 months ago
JSON representation

DirBuster for Node.js

• Host: GitHub
• URL: https://github.com/phra/nodebuster
• Owner: phra
• License: mit
• Created: 2018-04-09T23:19:56.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2019-03-21T20:15:13.000Z (over 5 years ago)
• Last Synced: 2024-04-24T07:23:38.024Z (5 months ago)
• Language: TypeScript
• Size: 182 KB
• Stars: 18
• Watchers: 4
• Forks: 2
• Open Issues: 4
• Metadata Files:
  • Readme: README.md
  • License: LICENSE
  • Code of conduct: code-of-conduct.md

Awesome Lists containing this project

README

        
# NodeBuster

## Description

NodeBuster, or yet another DirBuster clone, is a Node.js application to bruteforce directories and files on HTTP(S) servers.

[![asciicast](https://asciinema.org/a/VFKMpmV7URVPpjk9odcEaSsW4.png)](https://asciinema.org/a/VFKMpmV7URVPpjk9odcEaSsW4)

## Prerequisites

- Node.js 8+

## Install

- Using npx:

```bash

npx @phra/nodebuster -h

```

- Global install:

```bash

npm i -g @phra/nodebuster # install it globally (onetime and updates)

nodebuster -h

```

## Example

- Using npx:

```bash

npx @phra/nodebuster dir --extensions php,txt,old --cookies "asd=lol","lol=asd" --user-agent "nodebuster" http://localhost:8000/

```

- Global install:

```bash

nodebuster dir --extensions php,txt,old --cookies "asd=lol","lol=asd" --user-agent "nodebuster" http://localhost:8000/

```

## Wappalyzer

[Wappalyzer](https://github.com/AliasIO/Wappalyzer) was integrated to automagically guess the extensions to bruteforce based on the detected technologies. In order to use it the `--extensions` (`-e`) parameters must be omitted.

- Example with Wappalyzer:

```bash

nodebuster dir http://localhost:8000/

```

## Synopsis

```

   nodebuster.js 1.3.0 

   USAGE

     nodebuster.js dir 

   ARGUMENTS

            to attack      required      

   OPTIONS

     -w, --workers             Use n                      optional      default: 10                                                            

     -W, --wordlist            to use                   optional      default: "/usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt"

     -U, --user-agent        to use                 optional      default: "nodebuster"                                                  

     -e, --extensions        to use                 optional      default: []                                                            

     -C, --cookies             Set                        optional      default: []                                                            

     -H, --headers              to use                    optional      default: []                                                            

     -f, --consecutive-fails            Stop after       optional      default: 15                                                            

   GLOBAL OPTIONS

     -h, --help         Display help                                      

     -V, --version      Display version                                   

     --no-color         Disable colors                                    

     --quiet            Quiet mode - only displays warn and error messages

     -v, --verbose      Verbose mode - will also output debug messages  

```