Enumerating web directories - PoC script
I’ve been looking for a particular script which could be instructed to brute-force/enumerate [hidden] directories, simply that, and all I could find was the following Nessus plugin:
http://www.nessus.org/plugins/index.php?view=single&id=11032
Directory Scanner, by Digital Defense @ 2002
I know Nikto supposedly also takes care of enumerating directories, but I haven’t yet looked at the code. I also looked for directory name wordlists, but it looks like none are public. So I took all those directory names from the Nessus plugin and created a straight list (I’ll paste it below) and then a quick Python script that is in a very raw form but will save you the first 2 minutes of programming a script which does the same thing.
Here’s everything; use it for good and educational purposes.