[WEB SECURITY] Directory discovering

Andre Gironda andreg at gmail.com
Fri May 6 12:23:18 EDT 2011


On Fri, May 6, 2011 at 2:02 AM, Brtnik, Vojtech (NL - Amstelveen)
<VBrtnik at deloitte.nl> wrote:
> this is an interesting approach, could you elaborate a bit more on it?

Here is similar work, with explanations, done by Mavituna Security:
http://www.mavitunasecurity.com/blog/svn-digger-better-lists-for-forced-browsing/

> 1) What do you get out of using multiple tools? It occurs to me that running DirBuster (for instance) brings you to the frontier of what you can get out of a directory discovery test. It's all about having a good list of dirs/files. Thus running fuzzdb and JBroFuzz on top of DirBuster (or the other way around) seems to me a bit like a waste of time, which is indeed limited. In my cases, most of the time, Nikto discovers almost everything already and there is very little need for elaborate brute-forcing, but this could be only my limited experience.

I like all of those tools and their concepts. It is tricky trying to
get the results from them without running them in parallel or
serially. I instead suggest somehow combining their capabilities,
perhaps by writing your own tool that incorporates all of their
capabilities and concepts.

> 2) What exactly do you mean by "run the list through a single-pane-of-glass tool like Burp"? What do you want to achieve by that? I'm using Burp occasionally, but can't figure out which functionality you had in mind...

Burp provides me simplicity and ease of use, as well as familiarity. I
was thinking of importing the list as an Intruder payload set and
configuring a fuzzing position on a single insertion point, such as
the final "/" in http://www.site.com/

-Andre
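
An added example, not part of the original message and not code from any of the tools named: one way to combine several tools' wordlists into a single de-duplicated payload list for an insertion point that follows the final "/" of the base URL. The sample lists, source labels and function names are constructed for illustration.

```python
# Constructed sample lists standing in for exports from different tools.
# Some lists carry '#' comment headers; others prefix each entry with "/".
SAMPLE_LISTS = {
    "dirbuster": "# directory-list (constructed sample)\n#\nadmin\nimages\nbackup\n",
    "fuzzdb": "/admin/\n/backup\n/.svn/entries\n",
    "svn-digger": "images\r\nincludes/config.php\n\nadmin\n",
}


def normalize(line):
    """Return the entry as it should follow the final "/" of the URL, or None."""
    entry = line.strip()
    if not entry or entry.startswith("#"):
        return None            # blank line or list header comment
    entry = entry.lstrip("/")  # the insertion point already follows a "/"
    return entry or None       # a line of only slashes carries no payload


def merge_wordlists(lists):
    """Merge {source: text} into an ordered {entry: [sources]} mapping.

    Order of first appearance is kept. A trailing "/" is preserved because
    "admin" and "admin/" are different requests and can answer differently.
    """
    merged = {}
    for source, text in lists.items():
        for line in text.splitlines():
            entry = normalize(line)
            if entry is None:
                continue
            sources = merged.setdefault(entry, [])
            if source not in sources:
                sources.append(source)
    return merged


def payload_lines(merged):
    """One payload per line, ready to load as a plain list payload set."""
    return "\n".join(merged) + "\n"


if __name__ == "__main__":
    merged = merge_wordlists(SAMPLE_LISTS)
    for entry, sources in merged.items():
        # The source column shows which lists overlap and which add new entries.
        print(f"{entry:25} {','.join(sources)}")
```

The per-entry source column also bears on the question quoted above: it shows how many entries each additional list contributes that the others do not.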



