feroxbuster
A fast, simple, recursive content discovery tool written in Rust. (by epi052)
pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments. (by RhinoSecurityLabs)
Our great sponsors
| feroxbuster | pacu | |
|---|---|---|
| 12 | 10 | |
| 5,250 | 4,014 | |
| - | 2.1% | |
| 8.2 | 8.8 | |
| 8 days ago | 19 days ago | |
| Rust | Python | |
| MIT License | BSD 3-clause "New" or "Revised" License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
feroxbuster
Posts with mentions or reviews of feroxbuster.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-06-07.
-
gobuster or dirbuster or dirb
Ferox https://github.com/epi052/feroxbuster
- Blackbox testing web API's?
- Fastest webpath scanner out here?
-
Trying to learn fuzzing, not sure if I am doing it right...
Suggest using feroxbuster since you can brute force directories recursivly. Try
-
Your daily toolbox as a pentester
feroxbuster to do some web app browsing (you have also gobuster)
-
What's the best Linux CLI tool to scan a website for hidden pages/files/directories?
feroxbuster is a powerful mutli-threaded dir enumerator but be careful if you use it. It can crash websites if it hits them too fast.
-
TOR in a python script
Have you tried feroxbuster?
-
What are some underrated (legal) tools that you have used during the OSCP that no one talks about or knows?
I redirect you here : https://github.com/epi052/feroxbuster
-
New Tools in Kali Linux 2021.2
CloudBrute - To find company(mostly cloud hence the name) infrastructure files and arch to a certain extent Dirsearch - Yet another web app path scanner like Gobuster/Dirbuster FeroxBuster - Rust based tool to perform forced browsing(read about it on GitHub Ghidra - Binary disassembler and decompiler (alternatives are gdb and ISA) Pacu - AWS exploitation framework GitHub Pirates - Kali package tracker(maybe like yay or pacman,not too sure on that one) quark-engine - android malware analysis system here Viscose - very popular and good code editor
-
Here's my quick tutorial on using Dirbuster! Enjoy!
Dirbuster always bugs for me, I can't change anything after starting an attack without getting the entire GUI messed up. I recommend trying out ffuf or feroxbuster.
pacu
Posts with mentions or reviews of pacu.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-02-23.
-
De um mimo até a elevação de privilégios na Cloud
Pra isso, usei a belíssima ferramenta Pacu https://github.com/RhinoSecurityLabs/pacu.
-
Should I be afraid of aws cloud as a security analyst?
ScoutSuite and Pacu (or Lava for Azure) are great tools and it's worth learning what they can do.
-
How do I build a network on AWS to capture flow data?
Not related to your original question, but you might want to take a look at pacu for simulating attacks.
- Pacu: The Open Source AWS Exploitation Framework
-
New Tools in Kali Linux 2021.2
CloudBrute - To find company(mostly cloud hence the name) infrastructure files and arch to a certain extent Dirsearch - Yet another web app path scanner like Gobuster/Dirbuster FeroxBuster - Rust based tool to perform forced browsing(read about it on GitHub Ghidra - Binary disassembler and decompiler (alternatives are gdb and ISA) Pacu - AWS exploitation framework GitHub Pirates - Kali package tracker(maybe like yay or pacman,not too sure on that one) quark-engine - android malware analysis system here Viscose - very popular and good code editor
- 🏹 Pacu: Framework de explotación de AWS #SeguridadOfensiva
-
Conducting a vulnerability scan on an AWS VPC
We're starting to work with Pacu for AWS testing. It's a bit more targeted to exploitation than vulnerability testing. https://rhinosecuritylabs.com/aws/pacu-open-source-aws-exploitation-framework/
- RhinoSecurityLabs/pacu - The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
What are some alternatives?
When comparing feroxbuster and pacu you can also consider the following projects:
ffuf - Fast web fuzzer written in Go
ScoutSuite - Multi-Cloud Security Auditing Tool
gobuster - Directory/File, DNS and VHost busting tool written in Go
AWSXenos - AWSXenos will list all the trust relationships in all the IAM roles and S3 buckets
wfuzz - Web application fuzzer
lava - Microsoft Azure Exploitation Framework
dirble - Fast directory scanning and scraping tool
quark-engine - Dig Vulnerabilities in the BlackBox
aws-well-architected-labs - Hands on labs and code to help you learn, measure, and build using architectural best practices.
tanoshi - Selfhosted web manga reader.
endgame - An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet 😈