Web Application Security
Re: new tool, File Disclosure Browser Sep 27 2011 01:04PM
Robin Wood (robin digininja org)
Take two on the URL:



On 27 September 2011 13:40, Robin Wood <robin (at) digininja (dot) org [email concealed]> wrote:
> Hi
> I've released a new tool, the File Disclosure Browser. The app takes
> .DS_Store files found on websites and parses through them to find a
> list of all potential files in the directory. It can then either just
> display the URLs for the files or if you give it a proxy it can browse
> to the files itself.
> I wrote it after reading the PDC blog post on passing DirBuster
> through Burp and figured doing the same thing for the contents of
> DS_Store files would be useful. I plan to extend it in the future to
> handle dwsync from Dreamweaver and other common files that disclose
> the names of files on the server.
> It is written in Perl and is my first attempt at writing a app from
> scratch so there is little error checking and potentially some bad
> code but it seems to work for most of the cases I've tried.
> You can download it from here https://www.damart.co.uk/
> Feel free to give feedback.
> Robin

This list is sponsored by Cenzic
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus