RustBuster is a DirBuster-style tool written in Rust. The following 4 modes are currently being implemented: Dir mode, Dns mode, Vhost mode and Fuzz mode.
Dir mode
***********
rustbuster -m dir -u http://localhost:3000/ -w examples/wordlist -e php
Dns mode
***********
rustbuster -m dns -u google.com -w examples/wordlist
Vhost mode
**************
rustbuster -m vhost -u http://localhost:3000/ -w examples/wordlist -d test.local -x "Hello"
Fuzz mode
************
rustbuster -m fuzz -u http://localhost:3000/login \
-X POST \
-H "Content-Type: application/json" \
-b '{"user":"FUZZ","password":"FUZZ","csrf":"CSRFCSRF"}' \
-w examples/wordlist \
-w /usr/share/seclists/Passwords/Common-Credentials/10-million-password-list-top-10000.txt \
-s 200
You can download prebuilt binaries from here.
Usage
USAGE:
    rustbuster [FLAGS] [OPTIONS] --url --wordlist ...
FLAGS:
    -f, --append-slash           Tries to also append / to the base request
    -K, --exit-on-error          Exits on connection errors
    -h, --help                   Prints help information
    -k, --ignore-certificate     Disables TLS certificate validation
        --no-banner              Skips initial banner
        --no-progress-bar        Disables the progress bar
    -V, --version                Prints version information
    -v, --verbose                Sets the level of verbosity
OPTIONS:
        --csrf-header ...        Adds the specified headers to CSRF GET request
        --csrf-regex             Grabs the CSRF token applying the specified RegEx
        --csrf-url               Grabs the CSRF token via GET to csrf-url
    -d, --domain                 Uses the specified domain
    -e, --extensions             Sets the extensions [default: ]
    -b, --http-body              Uses the specified HTTP method [default: ]
    -H, --http-header ...        Appends the specified HTTP header
    -X, --http-method            Uses the specified HTTP method [default: GET]
    -S, --ignore-status-codes    Sets the list of status codes to ignore [default: 404]
    -x, --ignore-string ...      Ignores results with specified string in the HTTP Body
    -s, --include-status-codes   Sets the list of status codes to include [default: ]
    -i, --include-string ...     Includes results with specified string in the HTTP body
    -m, --mode                   Sets the mode of operation (dir, dns, fuzz) [default: dir]
    -o, --output                 Saves the results in the specified file [default: ]
    -t, --threads                Sets the amount of concurrent requests [default: 10]
    -u, --url                    Sets the target URL
    -a, --user-agent             Uses the specified User-Agent [default: rustbuster]
    -w, --wordlist ...           Sets the wordlist
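The defaults listed above (User-Agent rustbuster, 404 responses ignored) leave a recognisable trail in web server access logs. The following is an added example, not part of RustBuster or the original page, showing one way to flag dir-mode style enumeration. It assumes Combined Log Format, and the function name, thresholds and sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Combined Log Format: client IP, request line, status code, User-Agent.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

def _line(ip, path, status, ua):
    """Build one constructed access-log line (sample data, not a real capture)."""
    return (f'{ip} - - [01/Jan/2024:10:00:00 +0000] '
            f'"GET {path} HTTP/1.1" {status} 153 "-" "{ua}"')

# Constructed sample: a scan with the default UA, a scan with a changed UA,
# and an ordinary visitor. Addresses are documentation ranges.
SAMPLE_LOG = "\n".join(
    [_line("203.0.113.7", f"/{w}.php", 404, "rustbuster")
     for w in ("admin", "backup", "config", "test", "old")]
    + [_line("203.0.113.7", "/index.php", 200, "rustbuster")]
    + [_line("198.51.100.9", f"/{w}/", 404, "Mozilla/5.0")
       for w in ("admin", "backup", "config", "test", "old", "dev")]
    + [_line("192.0.2.20", p, 200, "Mozilla/5.0")
       for p in ("/", "/login", "/static/app.js")]
)

def find_scanners(log_text, min_paths=5, min_404_ratio=0.8):
    """Return {ip: [reasons]} for clients that look like wordlist enumeration."""
    stats = defaultdict(lambda: {"total": 0, "nf": 0, "paths": set(), "uas": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        s = stats[m["ip"]]
        s["total"] += 1
        s["nf"] += m["status"] == "404"
        s["paths"].add(m["path"])
        s["uas"].add(m["ua"].lower())
    findings = {}
    for ip, s in stats.items():
        reasons = []
        if any("rustbuster" in ua for ua in s["uas"]):
            reasons.append("default-user-agent")  # trivially changed with -a
        if len(s["paths"]) >= min_paths and s["nf"] / s["total"] >= min_404_ratio:
            reasons.append("404-burst")  # many distinct paths, mostly missing
        if reasons:
            findings[ip] = reasons
    return findings
```

Because the User-Agent can be changed with -a, the 404-ratio check is the more durable signal; in production it should be applied per time window rather than over the whole log.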