H2Buster is a threaded, recursive, web directory brute-force scanner over HTTP/2 using hyper, inspired by Gobuster. Following are the features;
Also Read – Versionscan : A PHP Version Scanner For Reporting Possible Vulnerabilities
Install
You only need to install one dependency. If you don’t have hyper, run:
pip3 install -r requirements.txt
Usage
usage: h2buster.py [-h] -w wordlist -u target [-r directory_depth]
[-c connections] [-t threads] [-nc] [-x extension_list]
h2buster: an HTTP/2 web directory brute-force scanner.
arguments:
-h, –help show this help message and exit
-w wordlist Directory wordlist
-u target Target URL/IP address (host[:port]). Default port is 443
and HTTPS enabled. To specify otherwise, use ‘:port’ or
‘http://’ (port will default to 80 then).
-r directory_depth Maximum recursive directory depth. Minimum is 1, default
is 2, unlimited is 0.
-c connections Number of HTTP/2 connections. Default is 3.
-t threads Number of threads per connection. Default is 20.
-nc Disable colored output text.
-x extension_list List of file extensions to check separated by a
semicolon. For example, -x ‘.php;.js;blank;/’ will check
.php, .js, blank and / for every wordlist entry. The
‘blank’ keyword signifies no file extension. Default
extensions are ‘/’, ‘blank’, ‘.html’, ‘.php’
Why Do We Check Files in Bash? When writing a Bash script, you often work…
If you’re learning Bash scripting, one of the most useful features you’ll come across is…
If you are new to Bash scripting or Linux shell scripting, one of the most…
How Does a Firewall Work Step by Step? What Is a Firewall and How Does…
ROADTools is a powerful framework designed for exploring and interacting with Microsoft Azure Active Directory…
Microsoft 365 Groups (also known as M365 Groups or Unified Groups) are at the heart…