[Full-disclosure] OWASP DirBuster 0.11.1 Released

From: James Fisher <dirbuster_at_nospam>
Date: Wed Aug 20 2008 - 14:42:39 GMT
To: full-disclosure <full-disclosure@lists.grok.org.uk>

A new version of the OWASP DirBuster Project is ready to be downloaded.

If you are not familiar with this OWASP project, DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers. Often is the case now of what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. DirBuster attempts to find these.

Features include:

Multi threaded has been recorded at over 6000 requests/sec
Works over both http and https
Scan for both directory and files
Will recursively scan deeper into directories it finds
Able to perform a list based or pure brute force scan
DirBuster can be started on any directory
Custom HTTP headers can be added
Proxy support
Auto switching between HEAD and GET requests
Content analysis mode when failed attempts come back as 200
Custom file extensions can be used
Performance can be adjusted while the program in running
Supports Basic, Digest and NTLM auth

Further information and downloads can be found at https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project

James Fisher

This message was sent using IMP, the Internet Messaging Program.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

This message: [ Message body ]
Next message: Robert Holgstad: "Re: [Full-disclosure] OWASP DirBuster 0.11.1 Released"
Previous message: Sir Mordred: "Re: [Full-disclosure] Deep Blind SQL Injection Whitepaper"
Next in thread: Robert Holgstad: "Re: [Full-disclosure] OWASP DirBuster 0.11.1 Released"
Reply: Robert Holgstad: "Re: [Full-disclosure] OWASP DirBuster 0.11.1 Released"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]