Open Isona opened 5 years ago
Hi! I don't want to open a new issue for this so I'm commenting here. First of all, great tool, I've been using it for a few days and it works like a charm.
I would like to suggest a feature from "dirb" from Ramon. He implemented some kind of heuristic to infer "negative status codes", that is, a response that represents a 404 not found. That could be anything (a 200 response with a custom not found error, a 500 response with fixed size, a 302 that always redirects to the same site, etc).
He implemented it here: https://github.com/v0re/dirb/blob/master/src/calculanec.c
Is it possible to add this to the roadmap?
Thank you!!
Leandro
EDIT: I just saw the readme file that mentions that "Tune 404 based on size/redirection" is not supported.
Hi, I'm glad you like Dirble, and I was planning on adding this feature but seem to have forgotten to put it on the road map - I've added it now, under Scanning.
It's planned as part of a larger overhaul to the thread system in the threading overhaul branch right now (currently only has some changes to the way output is handled, but more will be happening). My idea is to have a thread specifically handling target validation, including a similar heuristic to Dirb; this would allow for a few related features which shouldn't bog down other threads.
Hopefully I'll get this out in the next few weeks!
I was about to open a feature request on the 200 error detection, at least something "basic" such as: if /AAAAA and /BBBBB return HTTP 200 and the same size, consider that combination of HTTP code and size a "not found".
And also, as said above, it's an awesome tool. There are lots of directory enumeration tools, but this one is pretty awesome (in my case, mostly for the false positive reduction in most cases).
And also, now that we are here, I'll leave my opinion about one of the features that you mentioned above, the screenshots.
There are multiple tools that we can use for that and that work pretty well (gowitness, Eyewitness). We could concatenate the output of Dirble to those tools and I think it's better to improve Dirble on its own functionalities than adding things that I don't think are the strong arm of the tool (also for the sake of simplicity and the concept of having one tool that does its job the best).
My two cents.
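The "basic" check proposed in the comment above, extended to the fixed-redirect case mentioned earlier in the thread, as an added example that is not part of the thread and is not Dirble's or dirb's code. The `Response` struct, the function names and the sample sizes are assumptions made for illustration.

```rust
// Added example. Response values are constructed; a real scanner would fill
// them from replies to randomly named paths such as /AAAAA and /BBBBB.
#[derive(Clone, Debug, PartialEq)]
pub struct Response {
    pub status: u16,
    pub size: usize,
    pub location: Option<String>, // redirect target, if any
}

#[derive(Debug, PartialEq)]
pub enum NotFound {
    StatusAndSize(u16, usize), // e.g. 200 or 500 with a fixed-size error page
    Redirect(u16, String),     // e.g. 302 that always points to the same place
}

/// Infer a "not found" signature from responses to paths that should not exist.
/// Returns None when the probes do not agree, so no unstable baseline is used.
pub fn infer(probes: &[Response]) -> Option<NotFound> {
    let first = probes.first()?;
    if probes.len() < 2 || probes.iter().any(|p| p.status != first.status) {
        return None;
    }
    if let Some(loc) = &first.location {
        if probes.iter().all(|p| p.location.as_ref() == Some(loc)) {
            return Some(NotFound::Redirect(first.status, loc.clone()));
        }
    }
    if probes.iter().all(|p| p.size == first.size) {
        return Some(NotFound::StatusAndSize(first.status, first.size));
    }
    None // e.g. the error page echoes the path, so sizes differ
}

/// True when a scan response matches the inferred signature.
pub fn is_not_found(sig: &NotFound, r: &Response) -> bool {
    match sig {
        NotFound::StatusAndSize(s, n) => r.status == *s && r.size == *n,
        NotFound::Redirect(s, loc) => {
            r.status == *s && r.location.as_deref() == Some(loc.as_str())
        }
    }
}

fn main() {
    let probe = |size| Response { status: 200, size, location: None };
    let sig = infer(&[probe(1532), probe(1532)]).expect("stable baseline");
    println!("{:?} hides 1532-byte 200s: {}", sig, is_not_found(&sig, &probe(1532)));
    println!("real page kept: {}", !is_not_found(&sig, &probe(8841)));
}
```

When `infer` returns `None`, a caller would fall back to plain status-code filtering rather than trust a baseline the probes did not agree on.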
A list of features that would be nice to add, listed in no particular order:
Input
Error Checking
Output
Scraping
Scanning
Releasing
Actions