FgScanner has been included in BlackArch Linux. What is BlackArch Linux ?
“BlackArch Linux is a lightweight expansion to Arch Linux for penetration testers and security researchers.
The repository contains 1059 tools. You can install tools individually or in groups. BlackArch is compatible with existing Arch installs. For more information, see the installation instructions. Please note that although BlackArch is past the beta stage, it is still a relatively new project. To report bugs and request new tools, please visit the issue tracker on Github, stop by IRC, or email us.”
FGscanner read the Directories wordlist and analyze the HTTP return code. If the directory exist on the target FGscanner starts reading pages list for a dictionary-based attack. Depending by –dump switch, if the page exists FGscanner dump it on disk.
If you need to avoid detection you can use the advanced features
- –tor switch to adddress GET requests via TOR network (TOR must be running on your system)
- –tordns to resolve target via TOR network (otherwise DNS request will be directed to your dns)
- –sec to slow down the scan or randomize time between requests
- –uarnd to randomize User-Agent.