.png)
4 years ago
210 BOOK THIS SPACE FOR AD
ARTICLE AD
Today I learned about an update to a tool called feroxbuster from my good friend STÖK. If you do not follow him, you should. He did a quick overview on a few tools in the video below:
I am a big fan of fuff, gobuster, and Burp Suite. However, I have never tested feroxbuster, so I decided to give it a quick try and I really liked what I saw!
Kudos to Ben “epi” Risher (@epi052) the main contributor/author of feroxbuster.
It is fast.It seems to be extensible and works well in different operating systems.Very easy to use.Integrates well with Burp Suite (as a proxy).The feroxbuster documentation is pretty simple; however, I decided to demonstrated further.
The installation just took a few seconds. I installed feroxbuster on WebSploit (the learning environment I created for several of my books, video courses, and live training). At the end of the day, WebSploit runs on top of Kali Linux.
downloaded the zip file using wgetunziped it.used apt to install it ;-)
The following is a quick demonstration of running feroxbuster against one of the intentionally vulnerable containers in WebSploit that I created for a few workshops at the DEF CON Red Team Village. In the demonstration below, you can see the tool usage and “integration” with Burp Suite. In other words, how to send the requests via Burp Suite. This is very handy when performing web application penetration testing and/or bug bounties.
I may create additional quick (one minute) demonstrations of other tools useful for reconnaissance, vulnerability analysis, exploitation, and post-exploitation. You can also obtain thousands of references, resources, tools, and tutorials at one of my GitHub repositories at https://h4cker.org/github
Have fun! Hack the Planet!
Bengali (Bangladesh) · 
English (United States) ·