Created
November 21, 2022 15:17
-
-
Save nullenc0de/c68ab56f9d2d0debdbd01d3113daeec6 to your computer and use it in GitHub Desktop.
pip3 install asyncio and pip3 install import aiohttp
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import asyncio | |
| import aiohttp | |
| import time | |
| import sys | |
| import argparse | |
| import os | |
| parser = argparse.ArgumentParser(description='Directory Bruteforce') | |
| parser.add_argument('-u', '--url', help='URL to bruteforce', required=True) | |
| parser.add_argument('-w', '--wordlist', help='Wordlist to use', required=True) | |
| parser.add_argument('-t', '--threads', help='Number of threads to use', required=False, default=10) | |
| parser.add_argument('-v', '--verbose', help='Verbose output', required=False, action='store_true') | |
| args = parser.parse_args() | |
| url = args.url | |
| wordlist = args.wordlist | |
| threads = int(args.threads) | |
| verbose = args.verbose | |
| if not os.path.isfile(wordlist): | |
| print('[!] Wordlist does not exist') | |
| sys.exit(1) | |
| async def fetch(session, url): | |
| async with session.get(url) as response: | |
| return await response.text() | |
| async def main(): | |
| async with aiohttp.ClientSession() as session: | |
| tasks = [] | |
| with open(wordlist, 'r') as f: | |
| for line in f: | |
| line = line.strip() | |
| if line == '': | |
| continue | |
| tasks.append(fetch(session, url + '/' + line)) | |
| responses = await asyncio.gather(*tasks) | |
| for response in responses: | |
| if verbose: | |
| print(response) | |
| if '404' not in response: | |
| print('[+] Found: ' + url + '/' + line) | |
| if __name__ == '__main__': | |
| start = time.time() | |
| loop = asyncio.get_event_loop() | |
| loop.run_until_complete(main()) | |
| end = time.time() | |
| print('[*] Completed in ' + str(end - start) + ' seconds') |
This was like my 20th revision. It's not that great. At this point ffuf is
still faster.
…On Mon, Nov 21, 2022, 8:01 PM pudsec ***@***.***> wrote:
***@***.**** commented on this gist.
------------------------------
threads isn't used anywhere?
—
Reply to this email directly, view it on GitHub
<https://gist.github.com/c68ab56f9d2d0debdbd01d3113daeec6#gistcomment-4377213>
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AHGWJK7ICKZUCRN5HF46PBTWJQLODBFKMF2HI4TJMJ2XIZLTSKBKK5TBNR2WLJDHNFZXJJDOMFWWLK3UNBZGKYLEL52HS4DFQKSXMYLMOVS2I5DSOVS2I3TBNVS3W5DIOJSWCZC7OBQXE5DJMNUXAYLOORPWCY3UNF3GS5DZVRZXKYTKMVRXIX3UPFYGLK2HNFZXIQ3PNVWWK3TUUZ2G64DJMNZZDAVEOR4XAZNEM5UXG5FFOZQWY5LFVEYTCOJUGU3TQNRUU52HE2LHM5SXFJTDOJSWC5DF>
.
You are receiving this email because you authored a thread.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>
.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
threadsisn't used anywhere?