WebRecon/dir_enum.py at main · SubhaDip003/WebRecon · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
import os
import requests
import argparse
import time
from concurrent.futures import ThreadPoolExecutor
from tqdm import tqdm

def get_wordlist():
    """Read the wordlist from the local machine"""
    with open('wordlist.txt', 'r') as f:
        return [line.strip() for line in f.readlines()]

def directory_enumeration(domain, word):
    """Perform directory enumeration"""
    url = f"http://{domain}/{word}"
    try:
        response = requests.get(url, timeout=5)
        if response.status_code == 200:
            return url
    except requests.exceptions.RequestException:
        pass

def list_directories(domain, wordlist):
    """Perform directory listing or enumeration of a given domain name of a web application."""
    discovered_directories = []
    with ThreadPoolExecutor(max_workers=50) as executor:
        for url in tqdm(executor.map(lambda word: directory_enumeration(domain, word), wordlist), desc=f"Enumerating directories for {domain}"):
            if url:
                discovered_directories.append(url)
    return discovered_directories

def save_results(discovered_directories, domain):
    """Save the results to a file in the results directory."""
    results_dir = "results"
    if not os.path.exists(results_dir):
        os.makedirs(results_dir)
    filename = f"{results_dir}/{domain}_directories.txt"
    with open(filename, 'w') as f:
        for directory in discovered_directories:
            f.write(f"{directory}\n")
    print(f"Results saved to {filename}")

def main():
    parser = argparse.ArgumentParser(description="Directory listing or enumeration tool")
    parser.add_argument("-d", "--domain", required=True, help="Domain name of the web application")
    args = parser.parse_args()
    domain = args.domain

    wordlist = get_wordlist()
    discovered_directories = list_directories(domain, wordlist)
    save_results(discovered_directories, domain)

if __name__ == "__main__":
    start_time = time.time()
    main()
    end_time = time.time()
    print(f"Total time taken: {end_time - start_time:.2f} seconds")