Spray

Spray

Spray is a powerful and intelligent HTTP buster tool designed for directory brute-forcing. It offers features that make it user-friendly and precise, suitable for both beginners and advanced users.

Key Features

• Dictionary-based Brute Force: Read directories from a dictionary for brute-forcing.

  spray -u http://example.com -d wordlist1.txt -d wordlist2.txt

  Copy

• Mask-based Dictionary Generation: Generate dictionaries based on masks.

  spray -u http://example.com -w "/aaa/bbb{?l#4}/ccc"

  Copy

• Rule-based Dictionary Generation: Create dictionaries based on specific rules.

  spray -u http://example.com -r rule.txt -d 1.txt

  Copy

• Batch Scanning: Brute-force multiple targets in a single run.

  spray -l url.txt -r rule.txt -d 1.txt

  Copy

• Adaptive Performance: Automatically adjusts concurrency based on network conditions.
• Extensive Fingerprinting: Integrates with fingerprinthub and wappalyzer for enhanced identification.
• Crawling Capability: Allows crawling of the target site for comprehensive scanning.
• Backup and Common File Scanning: Ability to scan for backup files and common directories.

Benefits

• Easy to use with comprehensive documentation.
• Scalable performance improvements for multi-target scenarios.
• Supports various input methods and customizable configurations.

Highlights

• Developed by the chainreactors team, Spray is continuously improved with user feedback and performance testing against competitors where it shows superior capabilities.