feroxbuster
feroxbuster uses brute force combined with a word list to search for unlinked content in target directories and find sensitive information about web applications and operating systems, such as source code, credentials, internal network addresses, etc.
This attack is also known as Predictable Resource Location, File Enumeration, Directory Enumeration, and Resource Enumeration.
How I like to use it
feroxbuster -u http://example.com -w /usr/share/seclists/Discovery/Web-Content/directory-list-2.3-medium.txt --dont-filter --depth 2 --dont-extract-links -C 404 --random-agent -x (language extension from the website) Basic Usage
feroxbuster -u http://example.com #Basic Scan
feroxbuster -u http://example.com -v #Verbose Output
feroxbuster -u http://example.com --silent #Silent Mode (Results Only)
feroxbuster -u http://example.com --json #JSON OutputWordlists and Extensions
feroxbuster -u http://example.com -w /path/to/wordlist.txt #Use Custom Wordlist
feroxbuster -u http://example.com -x php,html,txt #Attach Extension File
feroxbuster -u http://example.com -x js,json,css -w mylist.txt #Combine Extensions and Wordlist
feroxbuster -u http://example.com -w /usr/share/seclists/Discovery/Web-Content/common.txt #Use Sequence ListsRecursive Scan
feroxbuster -u http://example.com -r #Enable Recursive Scan
feroxbuster -u http://example.com -r --depth 3 #Set Maximum Recursion Depth
feroxbuster -u http://example.com -r --auto-tune #Optimize for Recursion
feroxbuster -u http://example.com -r --scan-complete-signal #Stop at the End of the ScanInstallation and Configuration
feroxbuster -u http://example.com -r #Enable Recursive Scanning
feroxbuster -u http://example.com -r --depth 3 #Set Maximum Recursion Depth
feroxbuster -u http://example.com -r --auto-tune #Optimize for Recursion
feroxbuster -u http://example.com -r --scan-complete-signal #Stop at the End of the ScanFiltering and Output
feroxbuster -u http://example.com --filter-size 1234 #Delete Size Responses Specific
feroxbuster -u http://example.com --filter-words 100 # Exclude responses with X words
feroxbuster -u http://example.com --filter-lines 20 # Exclude responses with X lines
feroxbuster -u http://example.com -o results.txt # Save results to a file
feroxbuster -u http://example.com -o results.json -f json # Save as JSON
feroxbuster -u http://example.com -s 200,204,301,302 # Include only certain status codes
feroxbuster -u http://example.com -C 403,404 # Exclude specific status codes
feroxbuster -u http://example.com --output-format=json --quiet # Output JSON, no text displayed ProgressPerformance Tuning
feroxbuster -u http://example.com -t 100 #Increase threads for faster scanning
feroxbuster -u http://example.com --rate-limit 10 #Limit requests per second
feroxbuster -u http://example.com --timeout 5 #Set Request Timeout
feroxbuster -u http://example.com --auto-tune #Automatic Optimization for Speed
feroxbuster -u http://example.com --no-state #Disable State File (For Large Scans)
feroxbuster -u http://example.com --scan-limit 5000 #Stop After 5000 RequestsAuthentication and Proxies
feroxbuster -u http://example.com -H "Authorization: Basic <base64_credentials>" #Basic Authentication
feroxbuster -u http://example.com --proxy http://127.0.0.1:8080 #Use HTTP Proxy
feroxbuster -u http://example.com --proxy socks5://127.0.0.1:9050 #Use SOCKS5 Proxy
feroxbuster -u http://example.com --proxy http://username:password@127.0.0.1:8080 #Proxy with Authentication
feroxbuster -u http://example.com -H "Cookie: sessionid=abc123" #Use Custom CookiesWildcard Handling
feroxbuster -u http://example.com --dont-filter #Disable Automatic Filtering Wildcards
feroxbuster -u http://example.com --filter-lines 10 #Filter Responses with 10 Lines (Help with Wildcards)
feroxbuster -u http://example.com --replay-proxy http://127.0.0.1:8080 #Replay Requests via ProxyBypass Techniques
feroxbuster -u http://example.com -H "X-Original-URL: /admin" #Bypass Security Filters
feroxbuster -u http://example.com -H "X-Rewrite-URL: /admin" #Another Bypass Method
feroxbuster -u http://example.com -H "X-Custom-IP-Authorization: 127.0.0.1" #WAF Circumvention
feroxbuster -u http://example.com -H "X-IP-Original: 127.0.0.1" #Other WAF Bypass
feroxbuster -u http://example.com --url-encode #Encode URLs to Avoid DetectionCustom Headers and User Agents
feroxbuster -u http://example.com -H "User Agent: Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.6998.166 Safari/537.36" #Set Custom User Agent
feroxbuster -uhttp://example.com -H "Referrer: https://google.com" # Spoofed Referrer
feroxbuster -u http://example.com --random-agent #Use Random User Agent
feroxbuster -u http://example.com -H "X-Forwarded-To: 127.0.0.1" # Spoofed-Forwarded-To-XCombining Options
feroxbuster -u http://example.com -w /path/to/word-list.txt -x php,html -r -t 100 -o results.txt # Broad Scan
feroxbuster -u http://example.com -w admin-list.txt --proxy socks5://127.0.0.1:9050 # Stealth Scan via Proxy
feroxbuster -u http://example.com -H "Authorization: Bearer <token>" -r -o admin_panels.txt #Admin Panel Discovery
feroxbuster -u http://example.com -H "User-Agent: Googlebot" -x php,html,js -o bot_scan_results.txt #Googlebot ImpersonationTroubleshooting
feroxbuster -u http://example.com --debug-log ferox_debug.log #Debugging
feroxbuster -u http://example.com --verbose #Enable Verbose Output
feroxbuster -u http://example.com --no-recursion #Disable Recursion if Stuck
feroxbuster -u http://example.com --resume-from results.txt #Resume from Last ScanBest Practices
feroxbuster -u http://example.com -w /usr/share/seclists/Discovery/Web-Content/raft-large-words.txt -t 100 -r -o ferox_results.txt #Large-Scale Scanning
feroxbuster -u http://example.com -w custom-wordlist.txt --proxy socks5://127.0.0.1:9050 #Cover Scanning via Proxy
feroxbuster -u http://example.com -x php,html,js -H "User-Agent: Googlebot" -o bot_scan_results.txt #Web Crawler Spoofing
feroxbuster -u http://example.com --auto-tune --rate-limit 5 --proxy socks5://127.0.0.1:9050 #Optimized Cloaking Scan