Open In App

Pathprober – Probe And Discover HTTP Pathname

Last Updated : 03 May, 2022
Improve
Improve
Like Article
Like
Save
Share
Report

Pathprober is an automated tool developed in the Python language which aims to probe and discover HTTP and HTTPS path names by using the technique of brute-forcing and also filters the specific word or can filter more than 2 words. Brute-forcing website directories or HTTP path-name and authenticating using HTTP response codes are not important anymore. This tool will help us to perform a penetration test because it could verify the directories using specific-word or 2 words at once and the results will more specific. Pathprober tool is available on GitHub, it’s free and open-source. Pathprober can find the Web Login panels, and Credentials in some paths and also can find the Third-party tokens.

Note: Before installing the tool make sure you have Python installed on your system, as Pathprober is a python-based tool. Click to get the installation process of Python on Linux – Python Installation Steps on Linux

Installation of Pathprober Tool on Kali Linux OS

Step 1: In this step, we will get the Pathprober tool repository from GitHub open-source platform.

git clone https://github.com/xchopath/pathprober.git

 

Step 2: Use the below cd command to navigate to the Pathprober tool directory or folder.

cd pathprober

 

Step 3: We are in the directory of the Pathprober. Now execute the below command to download all the Python dependencies and requirements which are associated with the tool.

sudo pip3 install -r requirements.txt

 

Step 4: Run the below command in the terminal to view and understand the usage of the Pathprober tool.

python3 pathprober.py -h

 

Working with Pathprober Tool on Kali Linux OS

Example 1: Multiple targets, multiple paths, and multiple words

python3 pathprober.py -T targets.txt -P path.txt -w “APP_NAME” -w2 “DB_PASSWORD”

The target list containing URLs is been displayed in the below screenshot.

 

The path.txt file is been displayed in the below screenshot.

 

The scanning process is been started.

 

Results for https://geeksforgeeks.org are shown in the below screenshot.

 

Results for https://facebook.com are shown in the below screenshot.

 

Results for https://google.com are shown in the below screenshot.

 

Example 2: Single target, multiple paths, and a single word

python3 pathprober.py -t https://geeksforgeeks.org/ -P path.txt -w “APP_NAME”

Here, we have given only a single target as geeksforgeeks.org.

 

We have got the scan results.

 

Example 3: Multiple targets, single path, multiple words, and save the output to file

python3 pathprober.py -T targets.txt -p /.env -w “APP_NAME” -w2 “TWILIO” -o output.txt

Here, we will be saving the results in the output.txt file for further usage.

 

Results are been displayed and saved in the output.txt file.

 


Like Article
Suggest improvement
Previous
Subjs - Fetches javascript file from a list of URLS or subdomains
Next
Subdomains.Sh - Wrapper Around Tool used to find Subdomains
Share your thoughts in the comments

Similar Reads

Bash Pathname Expansion in Linux
How to Change Apache HTTP Port in Linux?
Arjun – Hidden HTTP Parameter Discovery Suite in Kali Linux
Domhttpx - Google Search Engine Dorker with HTTP Toolkit To Find Many URLs/IPs
Smuggler - HTTP Request Smuggling / Desync Testing Tool
Snallygaster - Scan For Secret Files On HTTP Servers
Ipsourcebypass - Python Script To Bypass IP Source Restrictions Using HTTP Headers
How to capture all the HTTP packets using tcpdump
How to Automatically Redirect HTTP to HTTPS on Apache Servers?
How to make an HTTP GET request manually with netcat?

A
abhishekgandal324
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox