- Joined
- Jan 8, 2019
- Messages
- 56,604
- Solutions
- 2
- Reputation
- 32
- Reaction score
- 100,446
- Points
- 2,313
- Credits
- 32,560
6 Years of Service
76%
What the heck is a ferox anyway?
Ferox is short for Ferric Oxide. Ferric Oxide, simply put, is rust. The name rustbuster was taken, so I decided on a variation.
What’s it do tho?
feroxbuster is a tool designed to perform Forced Browsing.
Forced browsing is an attack where the aim is to enumerate and access resources that are not referenced by the web application but are still accessible by an attacker.
feroxbuster uses brute force combined with a wordlist to search for unlinked content in target directories. These resources may store sensitive information about web applications and operational systems, such as source code, credentials, internal network address, etc…
This attack is also known as Predictable Resource Location, File Enumeration, Directory Enumeration, and Resource Enumeration.
Changelog v2.9.2
changed default value for --extract-links to true => added --dont-extract-links to turn off the new default behavior by @epi052 in #834
can load a wordlist from its url over http/https by @epi052 in #834
updated README with alternative installation methods for brew and chocolatey by @aancw in #824
fixed divide by zero error by @epi052 in #834
added check for forced recursion when directory listing detected by @epi052 in #834