Feature Request: Custom Valid Response

OJ / gobuster

Directory/File, DNS and VHost busting tool written in Go

Apache License 2.0

10.08k stars 1.2k forks source link

Feature Request: Custom Valid Response #180

Open diogper opened 5 years ago

diogper commented 5 years ago

I have had contact with some cases that althouth the response is 200 OK, it is non interesting, because it is the way the web server responds by default, but then you check the page and it says Error.

So I remember Hydra has some flags where you could check for a positive answer if the http body matches some text or doesnt match some text. That would be nice, and brings flexibility to the tool.

Klambyyy commented 4 years ago

+1 Custom error pages often trip up my enumeration.

httpnotonly commented 4 years ago

diogper commented 4 years ago

I would like to add here, that this request feature could be complemented with this request: https://github.com/OJ/gobuster/issues/160#issue-467713912

I think having the possibility to set a custom valid response, would also fix the wildcard response IMO.