shortscan: An IIS short filename enumeration tool
shortscan
Shortscan is designed to quickly determine which files with short filenames exist on an IIS webserver. Once a short filename has been identified the tool will try to automatically identify the full filename.
In addition to standard discovery methods Shortscan also uses a unique checksum matching approach to attempt to find the long filename where the short filename is based on Windows’ proprietary shortname collision avoidance checksum algorithm (more on this research at a later date).
Install
Using a recent version of go:
go install github.com/bitquark/shortscan/cmd/shortscan@latest
Manual install
To build (and optionally install) locally:
go get github.com/bitquark/shortscan && go build
go install
Use
Basic usage
Shortscan is easy to use with minimal configuration. Basic usage looks like this:
$ shortscan http://example.org/
Advanced features
The following options allow further tweaks:
Copyright (c) 2019 Bitquark https://bitquark.io/
Source: https://github.com/bitquark/
