rwalk
A blazingly fast web directory scanner written in Rust
Security
A blazingly fast web directory scanner written in Rust. It's like dirsearch but on steroids. It is designed to be fast in recursive scans and to be able to handle large wordlists.
Unlike other tools, rwalk does not provide advanced fuzzing features such as parameter fuzzing, header discovery, etc.
Quick Installation
From homebrew
brew install cestef/tap/rwalk
With cargo-binstall
cargo binstall rwalk
From crates.io
cargo install rwalk
You can also download the latest binary from the releases page.
Documentation
The full documentation can be found at https://rwalk.cstef.dev.
Task Runner
This project uses braisé as a task runner. You can find all the available tasks in the braise.toml file.
Benchmarks
The following benchmarks were run on a 2023 MacBook Pro with an M3 Pro chip on a 10 Gbps connection via WiFi. The target was http://ffuf.me/cd/basic and the wordlist was common.txt.
Each tool was run 10 times with 100 threads. The results are below:
| Command | Mean [s] | Min [s] | Max [s] | Relative |
|---|---|---|---|---|
rwalk | 2.406 ± 0.094 | 2.273 | 2.539 | 1.00 |
dirsearch | 8.528 ± 0.149 | 8.278 | 8.743 | 3.54 ± 0.15 |
ffuf | 2.552 ± 0.181 | 2.380 | 3.005 | 1.06 ± 0.09 |
If you want to run the benchmarks yourself, you can use the bench command:
br bench
Arguments can also be passed to the bench command:
URL="http://ffuf.me/cd/basic" br bench
Please take these results with a grain of salt.
"There are three types of lies: lies, damned lies and benchmarks"
Contributing
Contributions are welcome! I am always looking for new ideas and improvements.
If you want to contribute to rwalk, please read the CONTRIBUTING.md file.
Make sure that your commits follow the Conventional Commits standard. This project uses commitizen to help you with that.
License
Licensed under the MIT License.