Easy way to brute-force web directory.
- MacOSX
- Kali Linux
- Ubuntu 16.04
python crawlbox.py [-h] [-v] [-w WORDLIST] url
positional arguments:
url specific target url, like domain.com
optional arguments:
-h, --help show this help message and exit -v, --version show program's version number and exit -w WORDLIST specific path to wordlist file -d DELAY add delay between requests
web site scan with internal wordlist
python crawlbox.py www.domain.com
web site scan with external wordlist
python crawlbox.py www.domain.com -w wordlist.txt
(as root)
git clone https://github.com/abaykan/crawlbox.git cd crawlbox/ pip install -r requirements.txt python crawlbox.py -h
note: tested with python 2.7.6
- Seucurity Training Share : https://securityonline.info/crawlbox-brute-force-web-directory/
- PentestTools : https://pentesttoolz.com/2018/03/02/crawlbox-easy-way-to-brute-force-web-directory/
- Hacking Reviews : https://www.hacking.reviews/2018/03/crawlbox-easy-way-to-brute-force-web.html
- KitPloit : https://www.kitploit.com/2018/03/crawlbox-easy-way-to-brute-force-web.html
- Haxf4rall : http://haxf4rall.com/2018/03/08/crawlbox-easy-way-to-brute-force-web-directory/
- The Hack Today : https://thehacktoday.com/crawlbox-easy-way-brute-force-web-directory/
- SAPSI Security Service http://sapsi.org/crawlbox-easy-way-to-brute-force-web-directory/