| Python | Linux | OSX | Windows |
|---|---|---|---|
| 2.6 | ? | ||
| 2.7 | ? |
This application scans the site directories and find all possible ways to login, index of/ dirs and entry points. The scanning is performed by the dictionary that came with the software. Possiblly to use own dictionaries. This software is written for informational purposes and is an open source product under the GPL license.
- Current v3.0.2-beta (06.02.2017)
- Directories - 26524
- Subdomains - 101000
Testing of the software on the commercial systems and organizations is prohibited!
- @stanislav-web https://github.com/stanislav-web (Developer)
pip install -r requirements.txt
chmod +x opendoor.py
Also, you have to install socksipy package if you'll use socks as proxy
apt-get install python-socksipy
- multithreading control
- scan's reports
- directories scanner
- subdomains scanner
- HTTP(S) (PORT) support
- Keep-alive long pooling
- HTTP(S)/SOCKS proxies
- dynamic request header
- detect redirects
- detect index of/ Apache
- detect large files
- custom wordlst's prefixes
- custom wordlists, proxies, ignore lists
- debug levels (1-3)
- randomization techniques
- random user-agent per request
- random proxy per request
- wordlists shuffling
Changelog (last changes)
- relieved of unnecessary dependencies
- fully optimized code inside
- user-friendly interface
- multiple reporters (std,txt,json,html)
- added external wordlists support
- added external proxylist support
- added wordlist shuffling
- wordlst's prefixes
- added multithreading control
- dynamic and smart requests (cookies + accept headers)
- apache index of/ and files detection
python opendoor.py --host http://www.example.com
usage: opendoor.py [-h] [--host HOST] [-p PORT] [-m METHOD] [-t THREADS]
[-d DELAY] [--timeout TIMEOUT] [-r RETRIES]
[--accept-cookies] [--debug DEBUG] [--tor]
[--torlist TORLIST] [--proxy PROXY] [-s SCAN] [-w WORDLIST]
[--reports REPORTS] [--random-agent] [--random-list]
[--prefix PREFIX] [-i] [--update] [--version] [--examples]
optional arguments:
-h, --help show this help message and exit
required named options:
--host HOST Target host (ip); --host http://example.com
Application tools:
--update Update from CVS
--version Get current version
--examples Examples of usage
Debug tools:
--debug DEBUG Debug level 1 - 3
Request tools:
-p PORT, --port PORT Custom port (Default 80)
-m METHOD, --method METHOD
HTTP method (use HEAD as default)
-d DELAY, --delay DELAY
Delay between request's threads
--timeout TIMEOUT Request timeout (30 sec default)
-r RETRIES, --retries RETRIES
Max retries to reconnect (default 3)
--accept-cookies Accept and route cookies from responses
--tor Using proxylist
--torlist TORLIST Path to external proxylist
--proxy PROXY Custom permanent proxy server
--random-agent Randomize user-agent per request
Sniff tools:
-i, --indexof Detect Apache Index of/
Stream tools:
-t THREADS, --threads THREADS
Allowed threads
Wordlist tools:
-s SCAN, --scan SCAN Scan type scan=directories or scan=subdomains
-w WORDLIST, --wordlist WORDLIST
Path to external wordlist
--reports REPORTS Scan reports (json,std,txt)
--random-list Shuffle scan list
--prefix PREFIX Append path prefix to scan host
pip install -r requirements-dev.txt
coverage run --source=src/ setup.py test
If you like to contribute to the development of the project in that case pull requests are open for you. Also, you can suggest an ideas and create a task in my track list