Open In App

BFAC – Backup File Artifacts Checker

Last Updated : 10 Oct, 2021
Improve
Improve
Like Article
Like
Save
Share
Report

BFAC or Backup File Artifacts Checker tool is an automated tool that aims to verify or check the backup artifacts that can reveal the building code or source code of the web-based application. These artifacts are very much sensitive as they contain sensitive information like passwords, directory structure, and many more. BFAC tool is developed in the Python language and is available on the GitHub platform. BFAC tool is an open-source and free-to-use tool. BFAC tool supports a multi-threading approach for faster results.

Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux

Installation of BFAC Tool on Kali Linux OS

Step 1: Use the following command to install the tool in your Kali Linux operating system.

git clone https://github.com/mazen160/bfac.git

Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.

cd bfac/

Step 3: You are in the directory of the bfac. Now you have to install a dependency of the bfac using the following command.

sudo pip3 install -r requirements.txt

Step 4: Build the tool by using the following command.

sudo python3 setup.py install

Step 5: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.

bfac -h

Working with BFAC Tool on Kali Linux OS

Example 1: Check a single URL.

bfac --url http://testphp.vulnweb.com/login.php

Example 2: Check a list of URLs.

bfac --list lists.txt

We are scanning multiple target URLs at the same time.

We have got the results for our multiple URLs scan.

Example 3: Single URL with a different level (level 2 for example).

bfac –url http://testphp.vulnweb.com/login.php –level 2

Example 4: Single URL and show the results only.

bfac --no-text --url http://testphp.vulnweb.com/login.php

Example 5: Limit the test to exposed DVCS tests.

bfac --dvcs-test --url http://testphp.vulnweb.com/login.php

Example 6: Verify the existence of files using Content-Length checks only.

bfac -u http://testphp.vulnweb.com/login.php –technique content_length

We are verifying the existence of files that contains only the Content-Length check.

Example 7: Verify the existence of files using Status-Code checks only.

bfac –technique status_code -u http://testphp.vulnweb.com/login.php

We are verifying the existence of files that contain only the Status-Code check.

Example 8: Exclude results with specific status codes.

bfac –exclude-status-codes 301,999,400 -u http://testphp.vulnweb.com/login.php

We have excluded status codes 301,999,400 from our scan. We have got the results excluding the specified status codes.



Like Article
Suggest improvement
Previous
Detecting and Checking Rootkits with Chkrootkit and rkhunter Tool in Kali Linux
Next
How to Conduct OS Fingerprinting with Xprobe2
Share your thoughts in the comments

Similar Reads

Rdiff-backup - A Local and Remote Backup Tool for Linux
rdiff-backup Command in Linux with Examples
Create incremental backup in linux using tar
How to Setup GMVault Gmail Backup on Linux
A Versatile System Backup Script for Linux
CloudBerry Backup for Linux a Review and Installation
How to Use Rsync to Make a Remote Linux Backup
Spoofcheck - Domain Spoofer Checker in kali linux
Recce - Domain status checker
Subzy - Subdomain takeover Vulnerability Checker Tool

G
gauravgandal
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox