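Sensitive Buster is a tool developed by the foreign *** group r00tw0rm. It can discover admin URLs, sensitive folders, backup files and similar items exposed on a web server. It is written in Python and is open source.
Usage:
1: Install Python
2: Open a command line
3:./sensitivebuster.py -m -p Proxy
The tool runs in 5 modes, listed below: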
-shell
-backup
-admin
-dir
-files
4-./sensitivebuster http://example.com -m backup -p

You can also run the scan through a proxy server
5-./sensitivebuster http://example.com -m backup -p 127.0.0.1:8080

#1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==0
#0     _                   __           __       __                    	 1
#1   /' \            __  /'__`\        /\ \__  /'__`\                   0
#0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
#1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          	     0
#0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/                    1
#1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\                    0
#0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/                    1
#1                  \ \____/ >> Exploit database separated by exploit            0
#0                   \/___/          type (local, remote, DoS, etc.)             1
#1                                                                               1
#0  [+] Site            : 1337day.com                                            0
#1  [+] Support e-mail  : submit[at]1337day.com                                  1
#0                                                                               0
#1               #########################################                       1
#0      we are Angel Injection and th3breacher  members of Inj3ct0r Team        1
#1               #########################################                       0
#0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=1
# This was written for educational purpose and pentest only.
# Use it at your own risk. Author will be not responsible for any damage!
# Coders      : th3breacher | Angel Injection
# Version     : 1
# Description : That's a Sensitive data buster , it has 5 modes :
#	 shell:It looks for known shells in a website
#	 backup:It looks for Backups in a website
#	 admin:It looks for admin pages
#	 dir:It looks for known sensitive Directories
#	 files:It looks for sensitive files
# Usage      :  Simply run ./sensitivebuster.py <http:url> -m <mode> -p <proxy>
#               the result will be logged in a .txt log file
# Tested on  :  linux(all) , Windows
# Special thanks to :  r0073r, r4dc0re, Sid3^effects, L0rd CrusAd3r, KedAns-Dz(1337day.com)
#                      CrosS ,Ataman, Versus71,satsura, mich4th3c0wb0y, FInnH@X, s3rver.exe (r00tw0rm.com)
#-------------------------------------|------------------------------------------#
You can modify it to suit your own needs, for example by strengthening the wordlists and so on…
Download: http://dl.dropbox.com/u/71587404/sensitivebuster.zip Archive password: r00tw0rm.com
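
From the defender's side, the five modes described in the script header show up in web server access logs as one client requesting many distinct sensitive paths and mostly receiving 404s. The following is an added example, not part of the original post or the tool's code; the path patterns, thresholds and sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Heuristic path patterns per scan mode. These are assumptions for this
# example; the tool's own wordlists are not shown on the page.
MODE_PATTERNS = {
    "backup": re.compile(r"\.(bak|old|zip|tar\.gz|tgz|sql|rar)$", re.I),
    "admin": re.compile(r"/(admin|administrator|manage|login)[^/]*/?$", re.I),
    "shell": re.compile(r"/(shell|cmd|webshell)[^/]*\.(php|asp|aspx|jsp)$", re.I),
    "files": re.compile(r"/(\.htpasswd|\.git/config|web\.config|phpinfo\.php)$", re.I),
    "dir": re.compile(r"/(backup|backups|tmp|private|logs|uploads)/$", re.I),
}
# Common/combined log format: client, timestamp, request line, status.
LOG_RE = re.compile(r'(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3})')

def classify(path):
    """Return the scan mode a request path looks like, or None."""
    path = path.split("?", 1)[0]  # ignore the query string
    for mode, rx in MODE_PATTERNS.items():
        if rx.search(path):
            return mode
    return None

def find_scanners(lines, min_probes=4, min_404_ratio=0.75):
    """Flag clients that probe many distinct sensitive paths and mostly miss."""
    probes = defaultdict(list)  # ip -> [(mode, path, status)]
    for line in lines:
        m = LOG_RE.match(line)
        if m and (mode := classify(m.group(2))):
            probes[m.group(1)].append((mode, m.group(2), int(m.group(3))))
    report = {}
    for ip, hits in probes.items():
        misses = sum(1 for _, _, status in hits if status == 404)
        distinct = len({path for _, path, _ in hits})
        if distinct >= min_probes and misses / len(hits) >= min_404_ratio:
            report[ip] = {
                "modes": sorted({mode for mode, _, _ in hits}),
                # Non-404 answers are what the scan learned: review these first.
                "exposed": sorted({p for _, p, s in hits if s != 404}),
            }
    return report

# Constructed sample log lines (documentation IP ranges, not real traffic).
TS = "[10/Mar/2024:10:00:00 +0000]"
SAMPLE_LOG = [
    f'203.0.113.7 - - {TS} "GET /site.zip HTTP/1.1" 404 210',
    f'203.0.113.7 - - {TS} "GET /db.sql HTTP/1.1" 404 210',
    f'203.0.113.7 - - {TS} "GET /index.php.bak HTTP/1.1" 200 5120',
    f'203.0.113.7 - - {TS} "GET /admin/ HTTP/1.1" 404 210',
    f'203.0.113.7 - - {TS} "GET /backup/ HTTP/1.1" 404 210',
    f'198.51.100.20 - - {TS} "GET /admin/ HTTP/1.1" 200 900',
    f'198.51.100.20 - - {TS} "GET /index.html HTTP/1.1" 200 1500',
]
```

Calling `find_scanners(SAMPLE_LOG)` flags only the first client; the `exposed` list holds the paths that did not return 404 and should be removed from the web root or access-restricted.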

Copyright notice: when reposting, please credit the source: FreebuF.COM