Skip to content
/ pathgro Public

🌱 combinatoric pathname wordlist expansion--it's like Miracle-Gro(tm) for your dirbusting technique!

License

Notifications You must be signed in to change notification settings

decal/pathgro

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

73 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

[ GNU Lesser General Public License ] [ PayPal.Me $5! ] [ Linux and macOS ]

[ PathGro Logo | Miracle-Gro(tm) Spoof ]

Introduction

pathgro takes a brief list of path strings as input and "grows" them into much larger sets. It is a tool that freely commingles pathname pieces to generate new omnifarious string mappings. It is designed to maximize attack surface coverage when testing software components that take pathnames as input; the technique referred to as dirbusting as implemented by dirb is a good example of such testing which stands to benefit from path growing abilities. Such tactics exploit predictable resource location and are sometimes referred to as forced browsing pathgro has been coded as a set of GNU Guile modules that are wrapped in a command-line interface script.

Examples

General overview of the functionality:

PathGro Usage Examples

Note that pathgro --Combos 1 and pathgro --Powerset 1 will generate equivalent lists according to their definitions.

Dependencies

Requirement

  • GNU Guile 2.x
    • NOTE: you must make sure that you have both of the guile and guild executables installed.
      Some Linux distributions (e.g. Debian) provide guild separately from guile, so simply
      installing a package named guile with APT may not be sufficient.
      (Debian provides guild in a development package entitled guile-2.x-dev)

Optional

  • direnv

Installation

# 🚊 on Linux, install the required GNU Guile binaries
$ sudo apt install guile guile-2.0-dev

# 🍻 on macOS, install Homebrew according to its site at https://brew.sh 
# 🍺 on Linux, optionally install the Linux version of Homebrew which might maintain a newer version of GNU Guile
$ sudo apt install linuxbrew-wrapper 

# πŸ₯‚ install the GNU Guile package via the default [homebrew/core](https://github.com/Homebrew/homebrew-core "Default formulae for the missing package manager for macOS") tap 
$ brew install guile 

# πŸ–₯️ on macOS, you can simply `brew install guile` after installing Homebrew from https://brew.sh
# πŸ’» on Linux, you may need to add `~/.linuxbrew/Cellar/guile/2.x.x/bin` to `PATH`

# πŸŒ€ clone the source code repository
$ git clone https://github.com/decal/pathgro

# πŸ“ change working directory to pathgro
$ cd pathgro

# β›΅ compile the source using the Makefile
$ make

# ✈️ execute various tests using the Makefile
$ make test

# #️⃣ install pathgro using the Makefile
$ make install

# βš“ append the above environment variable settings to the shell initialization file
$ cat ~/.pathgrorc >> ~/.bashrc

# πŸ₯š re-assign path environment variables for Guile and the current shell process
$ . .pathgrorc

# πŸ“— read the detailed program usage statement and refer to the table underneath the following screenshot
$ pathgro --help

# πŸ… That's it--you're done! Go get 'em tiger! Grow your pathname lists!

Usage

[ PathGro Tool Usage Summary ]


Β Β Β CommandΒ LineΒ FlagΒ Β  Description of Grow Level
--Grow 0, -G0
each command-line flag has a 50% chance of being enabled randomly
--basename, --dirname, --extname, --filename, --generate, --macos, --saves, --vimswap, --xtdirname

--Grow 1, -G1
bases, extensions and full file names
--basename, --extname, --filename

--Grow 2, -G2
file extensions as directories and standalone directories
--dirname, --xtdirname

--Grow 3, -G3
bases, extensions, full file names, standalone directories and extensions as directories
--basename, --extname, --filename, --dirname, --xtdirname

--Grow 4, -G4
auto-save and backup file names
--macos, --saves

--Grow 5, -G5
vim swap file names, one-byte base name appendages and extensions
--generate, --vimswap

--Grow 6, -G6
-G4 and -G5 togther
--macos, --saves, --generate, --vimswap

--Grow 7, -G7
combinations of folders two levels deep with traversals of same depth
--Combos 2, --Traverse 2

--Grow 8, -G8
enable each individual flag while passing the value 1 to each set operation
--basename, --extname, --filename, --dirname, --xtdirname, --macos, --saves, --generate, --vimswap, --Combos, --Powerset, --Traverse --basename, --extname, --filename, --dirname, --xtdirname, --macos, --saves, --generate, --vimswap, --Combos, --Powerset, --Traverse


Note that depending upon the command-line invocation's combined option flags, the results may still need to be uniqued by piping the output stream to sort -u.




Errors

  • ERROR: no code for module (pathgro main)

Don't forget to run make install and . ~/.pathgrorc before attempting to execute pathgro



Related


Utilities

Lists files and subfolders of a selected local directory

Lists all files and folders in a directory.




Listers

wfuzz, SecLists and john -based dirbusting / forceful browsing script intended to be used during web pentest assingments

A program that combines given words.

Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper.

Fetch, install and search wordlist archives from websites and torrent peers.

A small wordlist that can be used for learning.




Lists

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

Wordlist for content(directory) bruteforce discovering with Burp or dirsearch

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

Potentially dangerous files




Busters

Fetch many paths for many hosts - without killing the hosts

Automated reconnaissance wrapper β€” TomNomNom's meg on steroids

Web path scanner

Python version of OWASP's DirBuster Application

DirBuster for Node.js




License

pathgro is licensed according to version 3 of the GNU Lesser General Public License. See COPYING.txt for more information.


ERROR: no code for module (pathgro main)