feroxbuster 2.8.0 https://github.com/epi052/feroxbuster/releases/ epi052 epi052 https://github.com/epi052/feroxbuster https://rawcdn.githack.com/epi052/feroxbuster/2d381e7e057ce60c580b324dd36c9abaf30c2ec7/img/logo/logo.png 2020-2023 https://github.com/epi052/feroxbuster/blob/main/LICENSE true https://github.com/epi052/feroxbuster https://epi052.github.io/feroxbuster-docs/docs/ https://github.com/epi052/feroxbuster/issues content-discovery pentesting-tool url-bruteforcer

A simple, fast, recursive content discovery tool written in Rust

A simple, fast, recursive content discovery tool written in Rust [](https://github.com/epi052/feroxbuster) ## What the heck is a ferox anyway? Ferox is short for Ferric Oxide. Ferric Oxide, simply put, is rust. The name rustbuster was taken, so I decided on a variation. ## What's it do tho? `feroxbuster` is a tool designed to perform [Forced Browsing](https://owasp.org/www-community/attacks/Forced_browsing). Forced browsing is an attack where the aim is to enumerate and access resources that are not referenced by the web application, but are still accessible by an attacker. `feroxbuster` uses brute force combined with a wordlist to search for unlinked content in target directories. These resources may store sensitive information about web applications and operational systems, such as source code, credentials, internal network addressing, etc... This attack is also known as Predictable Resource Location, File Enumeration, Directory Enumeration, and Resource Enumeration. ## Quick Start This section will cover the minimum amount of information to get up and running with feroxbuster. Please refer the the [documentation](https://epi052.github.io/feroxbuster-docs/docs/), as it's much more comprehensive. ### Installation There are quite a few other [installation methods](https://epi052.github.io/feroxbuster-docs/docs/installation/), but these snippets should cover the majority of users. #### All others Docs Please refer the the [documentation](https://epi052.github.io/feroxbuster-docs/docs/). ## Example Usage Here are a few brief examples to get you started. Please note, feroxbuster can do a **lot more** than what's listed below. As a result, there are **many more** examples, with **demonstration gifs** that highlight specific features, in the [documentation](https://epi052.github.io/feroxbuster-docs/docs/). ### Multiple Values Options that take multiple values are very flexible. Consider the following ways of specifying extensions: ``` ./feroxbuster -u http://127.1 -x pdf -x js,html -x php txt json,docx ``` The command above adds .pdf, .js, .html, .php, .txt, .json, and .docx to each url All of the methods above (multiple flags, space separated, comma separated, etc...) are valid and interchangeable. The same goes for urls, headers, status codes, queries, and size filters.