feroxbuster - Trickest Platform Documentation

Name:feroxbuster

Category:Discovery

Publisher:trickest-mhmdiaa

Created:9/7/2022

Container:quay.io/trickest/feroxbuster:v2.11.0

Output Type:

License:Unknown

Source:View Source

Parameters

data

file

--dataRequest's Body - The file name starts with an `@` (ex: @post.bin)

json

boolean

required

--jsonEmit JSON logs to output instead of normal text

depth

string

--depthMaximum recursion depth, a depth of 0 is infinite recursion (default: 4)

proxy

string

--proxyProxy to use for requests (ex: http(s)://host:port, socks5(h)://host:port)

query

string

--queryRequest's URL query parameters (ex: token=stuff)

quiet

boolean

--quietHide progress bars and banner

smart

boolean

--smartSet --extract-links, --auto-tune, --collect-words, and --collect-backups to true

silent

boolean

--silentOnly print URLs

string

--cookiesSpecify HTTP cookies to be used in each request (ex: stuff=things)

headers

string

--headersSpecify HTTP headers to be used in each request (ex: Header:val)

methods

string

--methodsWhich HTTP request method(s) should be sent (default: GET)

threads

string

--threadsNumber of concurrent threads (default: 50)

timeout

string

--timeoutNumber of seconds before a client's request times out (default: 7)

insecure

boolean

--insecureDisables TLS certificate validation in the client

no-state

boolean

--no-stateDisable state output file (*.state)

parallel

string

--parallelRun parallel feroxbuster instances

protocol

string

--protocolSpecify the protocol to use when targeting via --request-file or --url with domain only (default: https)

thorough

boolean

--thoroughUse the same settings as --smart and set --collect-extensions and --scan-dir-listings to true

url-list

file

required

List of target URLs

wordlist

file

required

--wordlistWordlist

add-slash

boolean

--add-slashAppend / to each request's URL

auto-bail

boolean

--auto-bailAutomatically stop scanning when an excessive amount of errors are encountered

auto-tune

boolean

--auto-tuneAutomatically lower scan rate when an excessive amount of errors are encountered

dont-scan

string

--dont-scanURL(s) or Regex Pattern(s) to exclude from recursion/scans

redirects

boolean

--redirectsAllow client to follow redirects

verbosity

string

Increase verbosity level (use -vv or more for greater effect. [CAUTION] 4 v's is probably too much)

client-key

file

--client-keyAdd a PEM encoded private key for mutual authentication (mTLS)

extensions

string

--extensionsFile extension(s) to search for (ex: php pdf js)

limit-bars

string

--limit-barsNumber of directory scan bars to show at any given time (default: no limit)

rate-limit

boolean

--rate-limitLimit number of requests per second (per directory) (default: 0, i.e. no limit)

scan-limit

string

--scan-limitLimit total number of concurrent scans (default: 0, i.e. no limit)

time-limit

string

--time-limitLimit total run time of all scans (ex: --time-limit 10m)

user-agent

string

--user-agentSets the User-Agent (default: feroxbuster/2.7.1)

client-cert

file

--client-certAdd a PEM encoded certificate for mutual authentication (mTLS)

dont-filter

boolean

--dont-filterDon't auto-filter wildcard responses

filter-size

string

--filter-sizeFilter out messages of a particular size (ex: 4927,1970)

resume-from

file

--resume-fromState file from which to resume a partially complete scan (ex. --resume-from ferox-1606586780.state)

dont-collect

string

--dont-collectFile extension(s) to Ignore while collecting extensions (only used with `collect-extensions`)

filter-lines

string

--filter-linesFilter out messages of a particular line count (ex: 31,30)

filter-regex

string

--filter-regexFilter out messages via regular expression matching on the response's body/headers (ex: -X '^ignore me$')

filter-words

string

--filter-wordsFilter out messages of a particular word count (ex: 91,82)

no-recursion

boolean

--no-recursionDo not scan recursively

random-agent

boolean

--random-agentUse a random User-Agent

replay-codes

string

--replay-codesStatus Codes to send through a Replay Proxy when found (default: --status-codes value)

replay-proxy

string

--replay-proxySend only unfiltered requests through a Replay Proxy, instead of all requests

request-file

file

--request-fileRaw HTTP request file to use as a template for all requests

server-certs

file

--server-certsAdd custom root certificate(s) for servers with unknown certificates

status-codes

string

--status-codesStatus Codes to include (allow list) (default: 200 204 301 302 307 308 401 403 405)

collect-words

boolean

--collect-wordsAutomatically discover important words from within responses and add them to the wordlist

filter-status

string

--filter-statusFilter out status codes (deny list) (ex: 401)

collect-backups

string

--collect-backupsAutomatically request likely backup extensions for found urls (default: ~, .bak, .bak2, .old, .1)

force-recursion

boolean

--force-recursionForce recursion attempts on all 'found' endpoints (still respects recursion depth)

filter-similar-to

string

--filter-similar-toFilter out pages that are similar to the given page (ex: http://site.xyz/soft404)

scan-dir-listings

boolean

--scan-dir-listingsForce scans to recurse into directory listings (default: false)

collect-extensions

boolean

--collect-extensionsAutomatically discover extensions and add them to --extensions (unless they're in `dont-collect`)

dont-extract-links

boolean

--dont-extract-linksDon't extract links from response body (html, javascript, etc...

Library

Parameters