FGscanner (FantaGhost Scanner) is an advanced, open-source URL scanner with proxy and TOR support.

It can find hidden contents on a web server using a dictionary based attack.

FGscanner read the Directories wordlist and analyze the HTTP return code. If the directory exist on the target FGscanner starts reading pages list for a dictionary-based attack. Depending by –dump switch, if the page exists FGscanner dump it on disk.

./fgscan.pl --host=hostname [--proxy=filepath] [--sec=n] [--dump] [--dirlist=filepath] 
 [--wordlist=filepath] [--tor] [--tordns] [--debug] [--help]
 
 --debug    : Print debug information
 --dirs     : Specify the directory list file
 --pages    : Specify the wordlist file
 --uarnd    : Enable User Agent randomization
 --host     : Specify hostname to scan (without http:// or https://)
 --proxy    : Specify a proxy list
 --sec	   : Seconds between requests. Value 999 will randomize delay between requests 
              from 1 to 30 seconds
 --dump     : Save found pages on disk
 --tor      : Use TOR as proxy for each request
 --tordns   : Use TOR to resolve hostname. Without this options DNS queries will be 
              directed to default DNS server outside TOR network
 --help     : Show this help
 

If you want to avoid detection you can use the following options:

• -tor switch to adddress GET requests via TOR network (TOR must be running on your system)

• -tordns to resolve target via TOR network (otherwise DNS request will be directed to your dns)

• -sec to slow down the scan or randomize time between requests

• -uarnd to randomize User-Agent.

git clone https://github.com/FantaGhost/FGscanner.git
 cd ./FGscanner
 chmod +x fgscan.pl