full-disclosure-uk August 2008 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: [Full-disclosure] OWASP DirBuster 0.11.1 Rel

[Full-disclosure] OWASP DirBuster 0.11.1 Released

From: James Fisher <dirbuster_at_nospam>
Date: Wed Aug 20 2008 - 14:42:39 GMT
To: full-disclosure <full-disclosure@lists.grok.org.uk>

A new version of the OWASP DirBuster Project is ready to be downloaded.

If you are not familiar with this OWASP project, DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers. Often is the case now of what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. DirBuster attempts to find these.

Features include:

  • Multi threaded has been recorded at over 6000 requests/sec
  • Works over both http and https
  • Scan for both directory and files
  • Will recursively scan deeper into directories it finds
  • Able to perform a list based or pure brute force scan
  • DirBuster can be started on any directory
  • Custom HTTP headers can be added
  • Proxy support
  • Auto switching between HEAD and GET requests
  • Content analysis mode when failed attempts come back as 200
  • Custom file extensions can be used
  • Performance can be adjusted while the program in running
  • Supports Basic, Digest and NTLM auth

Further information and downloads can be found at https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project

James Fisher

This message was sent using IMP, the Internet Messaging Program.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/