Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Enchant is is tool aimed to discover web application directory and pages by fuzzing the requests using a dictionary approach.

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 bin
Octocat-spinner-32 db
Octocat-spinner-32 lib
Octocat-spinner-32 spec
Octocat-spinner-32 .gitignore
Octocat-spinner-32 Gemfile
Octocat-spinner-32 Gemfile.lock
Octocat-spinner-32 LICENSE
Octocat-spinner-32 README.md
Octocat-spinner-32 Rakefile
Octocat-spinner-32 directory_list
README.md

enchant

README

As far as today (20120912) enchant project it will be stopped and all the features will be covered by links project I wrote to automate robots.txt scan.

Introdution

enchant is is tool aimed to discover web application directory and pages by fuzzing the requests using a dictionary approach.

The purpose is for security guys to discover a web application exposed paths without knowing anything about the app they have to test.

Some disclaimer

enchant makes a lot of HTTP GET requests so it can cause the following to the target server:

  • slow down
  • denial of services

Please be ethical and use this tool only against website you're allowed to stress test.

Installing enchant

enchant is deployed as standard gem served by rubygems.

To install latest enchant stable release, just issue this command:

gem install enchant

If you want to install a pre release, such as a release candidate you can do it this way:

gem install enchant --pre

Using enchant

You can use enchant to discover web application folders just specifying the URL and using a default wordlist file stored internally (is the one deployed with Owasp DirBuster).

bin/enchant www.some.org

Or you can also use the wordlist you love most

bin/enchant -w mylist.txt www.some.org

Contributing to enchant

  • Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
  • Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
  • Fork the project
  • Start a feature/bugfix branch
  • Commit and push until you are happy with your contribution
  • Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
  • Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.

Copyright

Copyright (c) 2010-2012 Paolo Perego, thesp0nge@gmail.com. See LICENSE for further details.

Something went wrong with that request. Please try again.