Open In App

URLBrute – Tool to Brute Forcing Website Sub-Domains and Directories

Last Updated : 23 Sep, 2021
Improve
Improve
Like Article
Like
Save
Share
Report

Brute-Forcing is the technique of matching the credentials like Usernames, Passwords, OTPs for unauthenticated access to the target domain. The list of words are been tested against the target to get the exact credentials. All this process is done through automated tools. URLBrute is an automated tool developed in the Golang language which can be beneficial to penetration testers while testing the web application. URLBrute performs brute-forcing for the identification of directories and files on the target domain. These directories and files can contain some valuable information about the target. URLBrute tool is available on the GitHub platform, it’s free and open-source to use.

Sub Modules of URLBrute Tool

1. Dir 

Scan for directories on the target website.

./urlbrute dir -h

2. DNS

Scan for subdomains on the target website.

./urlbrute dns -h

Note: As URLBrute is a Golang language-based tool, so you need to have a Golang environment on your system. So check this link to download Golang in your system. – How to Install Go Programming Language in Linux

Installation of URLBrute Tool in Kali Linux OS

Step 1: Use the following command to install the tool in your Kali Linux operating system.

git clone https://github.com/ReddyyZ/urlbrute.git

Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.

cd urlbrute

Step 3: Build the go file using the following command

sudo go build

Step 4: Now use the following command to run the tool and check the help section.

./urlbrute -h

Working with URLBrute Tool in Kali Linux OS

Example 1: Default options

./urlbrute dir -u geeksforgeeks.org -w common.txt

In this example, we are performing a simple scan on the target domain https://geeksforgeeks.org.

We have got the results of our scan.

Example 2: Showing 404 status code

./urlbrute dir -u geeksforgeeks.org -w common.txt --code 404

In this example, we are only displaying the results which returns the 400 response code.

We have got the results with only  400 status codes.

Example 3: Changing user-agent

./urlbrute dir -u geeksforgeeks.org -w common.txt –useragent geeksforgeeks

In this example, we are changing the user-agent value.

We have changed the user-agent value to geeksforgeeks.

Example 4: Searching for DNS

./urlbrute dns -d geeksforgeeks.org -w domain.txt –ip

In this example, we are searching for DNS on geeksforgeeks.org

We have got the results of our DNS search.



Like Article
Suggest improvement
Previous
Detecting and Checking Rootkits with Chkrootkit and rkhunter Tool in Kali Linux
Next
LittleBrother – Information Gathering (OSINT) on a person in EU
Share your thoughts in the comments

Similar Reads

Haklistgen - Turns Any Junk Text Into A Usable Wordlist For Brute-Forcing
Brute-Forcing WPS Pins with Reaver in Linux
Brutespray - Port Scanning and Automated Brute Force Tool
W3brute - Automatic Web Application Brute Force Attack Tool
SubBrute – Tool For Subdomain Brute Force
Brutex - Open Source Tool for Brute Force Automation
Find and Replace with sed in Directory and Sub Directories in Linux
How to Sync File and Directories to Cloud Storage in Linux Using Rclone Tool?
UrlBuster - Linux tool to find Web Hidden Files or Directories Finder
Shell Script To Show Names of All Sub-Directories Present in Current Directory

G
gauravgandal
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox