Metasploit
# METASPLOIT HTTP
use auxiliary/scanner/http/brute_dirs
auxiliary/scanner/http/dir_scanner
auxiliary/scanner/http/dir_listing
auxiliary/scanner/http/http_put
auxiliary/scanner/http/files_dir
use auxiliary/scanner/http/robots_txt
use auxiliary/scanner/http/http_header
use auxiliary/scanner/http/http_version
#APACHE
auxiliary/scanner/http/apache_userdir_enum
## set options depends on the selected module
set HTTP_METHOD GET
set TARGETURI /<DIR>/
#Brute force
use auxiliary/scanner/http/http_login
set USER_FILE <USERS_LIST>
set PASS_FILE /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt
set VERBOSE false
set AUTH_URI /<DIR>/
exploitLast updated