Feroxbuster
Feroxbuster
Feroxbuster is a fast, recursive content discovery tool designed for web penetration testing. It efficiently scans websites and directories for hidden files, endpoints, and misconfigurations using brute-force techniques. With its multi-threaded approach, Feroxbuster helps pentesters uncover attack surfaces, aiding in web application pentesting and bug hunting.
Installation and Setup
Using apt
curl -sLO https://github.com/epi052/feroxbuster/releases/latest/download/feroxbuster_amd64.deb.zip unzip feroxbuster_amd64.deb.zip sudo apt install ./feroxbuster_*_amd64.deb
Using Pacman for the Arch Linux
pacman -S feroxbuster
Using Chocolatey community repos
choco install feroxbuster
Using Docker
docker pull epi052/feroxbuster sudo docker run --init -it epi052/feroxbuster -u http://example.com -x js,html
Using Homebrew on MacOS
brew install feroxbuster
Using Kali Linux
sudo apt update && sudo apt install -y feroxbuster
Using Snap
sudo snap install feroxbuster
Basic Usage
feroxbuster -u http://example.com #Basic Scan feroxbuster -u http://example.com -v #Verbose Output feroxbuster -u http://example.com --silent #Silent Mode (Only Results) feroxbuster -u http://example.com --json #JSON Output
Wordlists and Extensions
feroxbuster -u http://example.com -w /path/to/wordlist.txt #Use Custom Wordlist feroxbuster -u http://example.com -x php,html,txt #Append File Extensions feroxbuster -u http://example.com -x js,json,css -w mylist.txt #Combine Extensions & Wordlist feroxbuster -u http://example.com -w /usr/share/seclists/Discovery/Web-Content/common.txt #Use SecLists
Recursive Scanning
feroxbuster -u http://example.com -r #Enable Recursive Scanning feroxbuster -u http://example.com -r --depth 3 #Set Maximum Recursion Depth feroxbuster -u http://example.com -r --auto-tune #Optimize for Recursion feroxbuster -u http://example.com -r --scan-complete-signal #Stop When Scan is Done
Installation and Setup
feroxbuster -u http://example.com -r #Enable Recursive Scanning feroxbuster -u http://example.com -r --depth 3 #Set Maximum Recursion Depth feroxbuster -u http://example.com -r --auto-tune #Optimize for Recursion feroxbuster -u http://example.com -r --scan-complete-signal #Stop When Scan is Done
Filtering and Output
feroxbuster -u http://example.com --filter-size 1234 #Exclude Responses of Specific Size feroxbuster -u http://example.com --filter-words 100 #Exclude Responses with X Words feroxbuster -u http://example.com --filter-lines 20 #Exclude Responses with X Lines feroxbuster -u http://example.com -o results.txt #Save Results to a File feroxbuster -u http://example.com -o results.json -f json #Save as JSON feroxbuster -u http://example.com -s 200,204,301,302 #Include Only Certain Status Codes feroxbuster -u http://example.com -C 403,404 #Exclude Specific Status Codes feroxbuster -u http://example.com --output-format=json --quiet #JSON Output, No Progress Display
Performance Tuning
feroxbuster -u http://example.com -t 100 #Increase Threads for Faster Scanning feroxbuster -u http://example.com --rate-limit 10 #Limit Requests Per Second feroxbuster -u http://example.com --timeout 5 #Set Request Timeout feroxbuster -u http://example.com --auto-tune #Auto-Optimize for Speed feroxbuster -u http://example.com --no-state #Disable State File (For Large Scans) feroxbuster -u http://example.com --scan-limit 5000 #Stop After 5000 Requests
Authentication and Proxies
feroxbuster -u http://example.com -H "Authorization: Basic <base64_credentials>" #Basic Auth feroxbuster -u http://example.com --proxy http://127.0.0.1:8080 #Use HTTP Proxy feroxbuster -u http://example.com --proxy socks5://127.0.0.1:9050 #Use SOCKS5 Proxy feroxbuster -u http://example.com --proxy 127.0.0.1:8080 --proxy-cred user:pass #Proxy with Authentication feroxbuster -u http://example.com -H "Cookie: sessionid=abc123" #Use Custom Cookies
Wildcard Handling
feroxbuster -u http://example.com --dont-filter #Disable Automatic Wildcard Filtering feroxbuster -u http://example.com --filter-lines 10 #Filter Responses with 10 Lines (Helps with Wildcards) feroxbuster -u http://example.com --replay-proxy http://127.0.0.1:8080 #Replay Requests Through Proxy
Bypass Techniques
feroxbuster -u http://example.com -H "X-Original-URL: /admin" #Bypass Security Filters feroxbuster -u http://example.com -H "X-Rewrite-URL: /admin" #Another Bypass Method feroxbuster -u http://example.com -H "X-Custom-IP-Authorization: 127.0.0.1" #WAF Evasion feroxbuster -u http://example.com -H "X-Originating-IP: 127.0.0.1" #Another WAF Bypass feroxbuster -u http://example.com --url-encode #Encode URLs to Evade Detection
Custom Headers and User-Agents
feroxbuster -u http://example.com -H "User-Agent: Mozilla/5.0" #Set Custom User-Agent feroxbuster -u http://example.com -H "Referer: https://google.com" #Spoof Referrer feroxbuster -u http://example.com --random-agent #Use Random User-Agent feroxbuster -u http://example.com -H "X-Forwarded-For: 127.0.0.1" #Spoof X-Forwarded-For
Combining Options
feroxbuster -u http://example.com -w /path/to/wordlist.txt -x php,html -r -t 100 -o results.txt #Large Scan feroxbuster -u http://example.com -w adminlist.txt --proxy socks5://127.0.0.1:9050 #Stealth Scan via Proxy feroxbuster -u http://example.com -H "Authorization: Bearer <token>" -r -o admin_panels.txt #Admin Panel Discovery feroxbuster -u http://example.com -H "User-Agent: Googlebot" -x php,html,js -o bot_scan_results.txt #Mimic Googlebot
Troubleshooting
feroxbuster -u http://example.com --debug-log ferox_debug.log #Debugging feroxbuster -u http://example.com --verbose #Enable Verbose Output feroxbuster -u http://example.com --no-recursion #Disable Recursion if Stuck feroxbuster -u http://example.com --resume-from results.txt #Resume from Last Scan
Best Practices
feroxbuster -u http://example.com -w /usr/share/seclists/Discovery/Web-Content/raft-large-words.txt -t 100 -r -o ferox_results.txt #Large Scale Scanning feroxbuster -u http://example.com -w custom-wordlist.txt --proxy socks5://127.0.0.1:9050 #Stealth Scanning via Proxy feroxbuster -u http://example.com -x php,html,js -H "User-Agent: Googlebot" -o bot_scan_results.txt #Mimic Web Crawlers feroxbuster -u http://example.com --auto-tune --rate-limit 5 --proxy socks5://127.0.0.1:9050 #Optimized Stealth Scan