RustBuster : DirBuster for Rust

RustBuster is a tool to dirbuster for rust and following are the 4 modes(Dir mode, Dns mode, Vhost mode, Fuzz mode) that are currently being implemented.

Dir mode
***********
rustbuster -m dir -u http://localhost:3000/ -w examples/wordlist -e php
Dns mode
***********
rustbuster -m dns -u google.com -w examples/wordlist
Vhost mode
**************
rustbuster -m vhost -u http://localhost:3000/ -w examples/wordlist -d test.local -x “Hello”
Fuzz mode
************
rustbuster -m fuzz -u http://localhost:3000/login \
-X POST \
-H “Content-Type: application/json” \
-b ‘{“user”:”FUZZ”,”password”:”FUZZ”,”csrf”:”CSRFCSRF”}’ \
-w examples/wordlist \
-w /usr/share/seclists/Passwords/Common-Credentials/10-million-password-list-top-10000.txt \ -s 200

You can download prebuilt binaries from here.

Also Read – TOR Router : A Tool That Allow You To Make TOR Your Default Gateway

Usage

USAGE:
rustbuster [FLAGS] [OPTIONS] –url –wordlist …

FLAGS:
-f, –append-slash Tries to also append / to the base request
-K, –exit-on-error Exits on connection errors
-h, –help Prints help information
-k, –ignore-certificate Disables TLS certificate validation
–no-banner Skips initial banner
–no-progress-bar Disables the progress bar
-V, –version Prints version information
-v, –verbose Sets the level of verbosity

OPTIONS:
–csrf-header … Adds the specified headers to CSRF GET request
–csrf-regex Grabs the CSRF token applying the specified RegEx
–csrf-url Grabs the CSRF token via GET to csrf-url
-d, –domain Uses the specified domain
-e, –extensions Sets the extensions [default: ]
-b, –http-body Uses the specified HTTP method [default: ]
-H, –http-header … Appends the specified HTTP header
-X, –http-method Uses the specified HTTP method [default: GET]
-S, –ignore-status-codes Sets the list of status codes to ignore [default: 404]
-x, –ignore-string … Ignores results with specified string in the HTTP Body
-s, –include-status-codes Sets the list of status codes to include [default: ]
-i, –include-string … Includes results with specified string in the HTTP body
-m, –mode Sets the mode of operation (dir, dns, fuzz) [default: dir]
-o, –output Saves the results in the specified file [default: ]
-t, –threads Sets the amount of concurrent requests [default: 10]
-u, –url Sets the target URL
-a, –user-agent Uses the specified User-Agent [default: rustbuster]
-w, –wordlist … Sets the wordlist

Download
R K

Share
Published by
R K
Tags: DirBusterRustRustBuster
6 years ago

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

3 days ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

3 days ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

5 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

1 week ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago