Scout - Lightweight URL Fuzzer And Spider: Discover A Web Server'S Undisclosed Files, Directories And VHOSTs


Scout is a URL fuzzer and spider for discovering undisclosed VHOSTS, files and directories on a web server.


A full word list is included in the binary, meaning maximum portability and minimal configuration. Aim and fire!

Usage

Discover URLs on a given web server. version Display scout version. vhost Discover VHOSTs on a given web server. Flags: -d, --debug Enable debug logging. -h, --help help for scout -n, --no-colours Disable coloured output. -p, --parallelism int Parallel routines to use for sending requests. (default 10) -k, --skip-ssl-verify Skip SSL certificate verification. -w, --wordlist string Path to wordlist file. If this is not specified an internal wordlist will be used. ">
Usage:  scout [command]Available Commands:  help        Help about any command  url         Discover URLs on a given web server.  version     Display scout version.  vhost       Discover VHOSTs on a given web server.Flags:  -d, --debug             Enable debug logging.  -h, --help              help for scout  -n, --no-colours        Disable coloured output.  -p, --parallelism int   Parallel routines to use for sending requests. (default 10)  -k, --skip-ssl-verify   Skip SSL certificate verification.  -w, --wordlist string   Path to wordlist file. If this is not specified an internal wordlist will be used.

Discover URLs

Flags

-x, --extensions

File extensions to detect. (default php,htm,html,txt])

-f, --filename

Filename to seek in the directory being searched. Useful when all directories report 404 status.

-H, --header

Extra header to send with requests e.g. -H "Cookie: PHPSESSID=blah"

-c, --status-codes

HTTP status codes which indicate a positive find. (default 200,400,403,500,405,204,401,301,302)

-m, --method

HTTP method to use.

-s, --spider

Scan page content for links and confirm their existence.

Full example

$ scout url http://192.168.1.1    [+] Target URL      http://192.168.1.1  [+] Routines        10   [+] Extensions      php,htm,html   [+] Positive Codes  200,302,301,400,403,500,405,204,401,301,302    [302] http://192.168.1.1/css  [302] http://192.168.1.1/js  [302] http://192.168.1.1/language  [302] http://192.168.1.1/style  [302] http://192.168.1.1/help  [401] http://192.168.1.1/index.htm  [302] http://192.168.1.1/image  [200] http://192.168.1.1/log.htm  [302] http://192.168.1.1/script  [401] http://192.168.1.1/top.html  [200] http://192.168.1.1/shares  [200] http://192.168.1.1/shares.php  [200] http://192.168.1.1/shares.htm  [200] http://192.168.1.1/shares.html  [401] http://192.168.1.1/traffic.htm  [401] http://192.168.1.1/reboot.htm  [302] http://192.168.1.1/debug  [401] http://192.168.1.1/debug.htm  [401] http://192.168.1.1/debug.html  [4   01] http://192.168.1.1/start.htm    Scan complete. 28 results found. 

Discover VHOSTs

$ scout vhost https://google.com    [+] Base Domain     google.com  [+] Routines        10   [+] IP              -  [+] Port            -   [+] Using SSL       true    account.google.com  accounts.google.com  blog.google.com  code.google.com  dev.google.com  local.google.com  m.google.com  mail.google.com  mobile.google.com  www.google.com  admin.google.com  chat.google.com    Scan complete. 12 results found.

Installation

curl -s "https://raw.githubusercontent.com/liamg/scout/master/scripts/install.sh" | bash



Source: www.kitploit.com
Scout - Lightweight URL Fuzzer And Spider: Discover A Web Server'S Undisclosed Files, Directories And VHOSTs Scout - Lightweight URL Fuzzer And Spider: Discover A Web Server'S Undisclosed Files, Directories And VHOSTs Reviewed by Zion3R on 5:33 AM Rating: 5