https://wiki.owasp.org/index.php?action=history&feed=atom&title=Performing_Directory_Brute-Force_AttackPerforming Directory Brute-Force Attack - Revision history2026-04-05T12:10:32ZRevision history for this page on the wikiMediaWiki 1.27.2https://wiki.owasp.org/index.php?title=Performing_Directory_Brute-Force_Attack&diff=41619&oldid=prevD0ubl3 h3lix: New page: '''Description''' There are dozens of tools that let us brute-forcing directories names for sensitive information digging. In this movie, we illustrated Directory Brute-Forcing with the t...2008-09-30T15:27:20Z<p>New page: '''Description''' There are dozens of tools that let us brute-forcing directories names for sensitive information digging. In this movie, we illustrated Directory Brute-Forcing with the t...</p>
<p><b>New page</b></p><div>'''Description'''<br />
<br />
There are dozens of tools that let us brute-forcing directories names for sensitive information digging. In this movie, we illustrated Directory Brute-Forcing with the tool called 'JBroFuzz'. The reason why we like it is that it can brute force a large number of directories. As of this writing,the latest version JBroFuzz 0.8 has 58658 directories names that are commonly used by today's web sites. The only defense is you must not place/protect sensitive information in server-side (.htaccess). Just wanna show you - Security Through Obscurity is broken.<br />
Size: 3.51 MB <br />
<br />
<br />
'''Download:'''<br />
<br />
http://yehg.net/lab/pr0js/files.php/performing_directory_bruteforce_attack.zip<br />
<br />
<br />
<br />
[[Category:Non-OWASP_Trainings]]</div>D0ubl3 h3lix