OpenDoor – OWASP Directory Access Scanner in Kali Linux
Brute-Forcing is an automated process through which Usernames, Passwords can be detected by querying the possible credentials on the target domain login pages. We can also brute-force hidden files and directories on the target server by specifying the possible word-list which contains the phrases that will be tested on the domain. This process saves a lot of time for the tester as manual testing can be very unreliable. OpenDoor is the tool used for brute-forcing the credentials, admin pages, files, and directories on the target domain server. An OpenDoor tool is an automated tool developed in the Python language. OpenDoor application will scan the site directories and find all possible ways to log in, empty directories, and entry points. OpenDoor tool is free and available on GitHub. This tool is also Open-source so anyone can contribute to the repository and add some new features to it.
Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process – Python Installation Steps on Linux
Installation of OpenDoor Tool on Kali Linux OS
Step 1: Use the following command to install the tool in your Kali Linux operating system.
git clone https://github.com/stanislav-web/OpenDoor.git
Step 2: Now use the following command to move into the directory of the tool. You have to move to the directory to run the tool.
Step 3: You are in the directory of the OpenDoor. Now you have to install a dependency of the OpenDoor using the following command.
sudo pip3 install -r requirements.txt
Step 4: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.
python3 opendoor.py -h
Working with OpenDoor Tool on Kali Linux OS
Example 1: Target host (ip); –host http://example.com
python3 opendoor.py --host "http://geeksforgeeks.org"
In this example, we are enumerating hidden directories on the target domain geeksforgeeks.org.
OpenDoor tool is performing brute-forcing for detection of directories and files on the target server.
Example 2: Scan type scan=directories or scan=subdomains
python3 opendoor.py --host "http://geeksforgeeks.org" --scan subdomains
In this example, we are performing subdomain enumeration on geeksforgeeks.org. We have used –scan tag for enumerating subdomains.
OpenDoor tool is performing brute-forcing for detection of subdomains on the target server.
Example 3: Allowed threads
python3 opendoor.py --host "http://geeksforgeeks.org" --threads 10
In this example, we are specifying the value of the threads for faster performance. We have used the –threads tag for setting the value as 10.