GooFuzz: enumerate directories, files, subdomains or parameters

GooFuzz

GooFuzz is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories without making requests to the web server.

GooFuzz performs fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains, or parameters without leaving evidence on the target’s server and by means of advanced Google searches (Google Dorking).

Download

$ git clone https://github.com/m3n0sd0n4ld/GooFuzz.git
$ cd GooFuzz
$ chmod +x GooFuzz

Use

$ ./GooFuzz -h

Usage:
-h Display this help message.
-w <DICTIONARY> Specify a DICTIONARY, PATHS or FILES.
-e <EXTENSION> Specify comma-separated extensions.
-t <TARGET> Specify a DOMAIN or IP Address.
-p <PAGES> Specify the number of PAGES.
-x <EXCLUSIONS> EXCLUDES targets in searches.

Examples:
GooFuzz -t site.com -e pdf,doc,bak
GooFuzz -t site.com -e pdf -p 2
GooFuzz -t www.site.com -e extensionslist.txt
GooFuzz -t www.site.com -w config.php,admin,/images/
GooFuzz -t site.com -w wp-admin -p 1
GooFuzz -t site.com -w wordlist.txt
GooFuzz -t site.com -w login.html -x dev.site.com
GooFuzz -t site.com -w admin.html -x exclusion_list.txt

Copyright (C) 2022 m3n0sd0n4ld 

Source: https://github.com/m3n0sd0n4ld/