pybuster v1.1
pybuster is a tool that is used to brute-force URLs of web servers.
Features
- Directory busting (URI)
- URL replace patterns (put PYBUSTER in URL for it to get replaced with current word)
- Multiple threads
- Clean data outputting
- Custom success status code selection
- Custom wordlist selection
Command Line Usage
usage: pybuster.py mode [-h] --wordlist WORDLIST --threads THREADS --url URL [--success SUCCESS]
positional arguments:
mode Mode to run pybuster [dir,subdomain]
optional arguments:
-h, --help show this help message and exit
--wordlist WORDLIST Full path to wordlist
--threads THREADS Number of threads to use
--url URL URL to check
--success SUCCESS Success status codes, split by comma [optional]
Why should i use this over gobuster?
The gobuster tool might be overall quicker, and it might be better in other fields, but;
- This tool runs on python3, which is pre-installed on most systems
- It uses pip3 for modules, and it only requires one, requests, which is already installed in most systems
- It is easier to understand python code over go code, when you aren't a programmer, thus you can easily edit this.
- Faster setup, you dont need to install golang, you can start it directly.
Changes in v1.1
Features below, +;
- Added subdomain search mode
- Changed cli usage, changed "dns" to "subdomain"
- Use python3 pybuster.py subdomain to start to scan for subdomains
- The url shall not change, do not try to do https://PYBUSTER.url.com, this will break the tool, it will automatically do that, just write out the URL normally, like; https://url.com.
- Minor changes to outputting
Changes in v1.0
First stable release, with main features, +:
- Clean outputting
- Easy exiting out of threads
- Cleaner display of found URLs/URIs
- Time formatting better, still need to modify a small thing, when time is 1am, 5 minutes, it will show 1:5, but it should show 01:05.
- Mode still not changing anything, although you can use pattern to check for subdomains and other things
- Slightly modified src/script.py to make it less CPU intensive, so more threads can run.
- Exiting only requires you to press enter
- Cleaner exiting summary.
Changes in v0.1.0
- Can select mode (still only dir mode is fully supported)
- used python argparse module for cleaner commandline arguments
- URL pattern to replace, you can put PYBUSTER in the URL, and it will replace it with the current wordlist item. Example: http://PYBUSTER.glaukio.com/ (do NOT put PYBUSTER in the end of the URL, for example; /PYBUSTER, it will start checking the URL like this; /wordlist_item/wordlist_item!)
Changes in v0.0.1
- Added base files
- Support for dir mode
- Custom thread selection
- CLI-like interface for displaying data while-running, no long outputs
- On exit, show a summary of what happend
- Pipe between threads
- Stop on command
- Custom wordlist selection
- Custom sucess status selection
5 Oct 8, 2022
3 Sep 26, 2022
13 Nov 3, 2022
11 Apr 11, 2022
0 Jan 10, 2022
20 Nov 12, 2022
10 Oct 19, 2022
1 Nov 15, 2021
3 Jan 28, 2022
4 Dec 21, 2021
4 Feb 03, 2022
1 Dec 16, 2021
408 Jan 03, 2023
16 Oct 08, 2022
33 Sep 28, 2022
1 Jan 27, 2022
307 Dec 24, 2022
7 Jan 07, 2022
287 Nov 09, 2022
6 Dec 09, 2022
5 Apr 09, 2022
39 Nov 28, 2022
86 Dec 31, 2022
22 Nov 09, 2022
224 Aug 05, 2022
56 Jul 31, 2022
123 Dec 19, 2022
134 Dec 16, 2022
1 Feb 12, 2022