Finding directory listing on system is very crucial, because with directory listing, maybe you can perform Local File Inclusion (LFI) attack. For sys-admin you have to check the permission on your system file to secure your important data. And also attacker can enter the system in sub-domains, if your main domain is not vulnerable, another options to enter the system is sub-domain. So, make sure your sub-domain is also secure.
What is this URLBrute
URLBrute is a tool to help you brute forcing website sub-domains and dirs.
Can be used with python3 and python2. This tool will help you to test your website security by perform brute forcing directories and sub-domains.
- requests >= 2.21.0
- bs4 >= 0.0.1
- datetime >= 4.3
In Windows, install python 3.7, then run cmd as administrator:
Credits to danTaler who created the wordlists.