aboutsummaryrefslogtreecommitdiffstats
path: root/feroxbuster/README
diff options
context:
space:
mode:
authorDanilo M. <danix@danix.xyz>2026-07-11 12:31:44 +0200
committerDanilo M. <danix@danix.xyz>2026-07-11 12:31:44 +0200
commitfcc470182958ef8ed0b0d468e4119e64a565abbe (patch)
treedbba108592cb64ebd1008a71b9b63f8c0e152abc /feroxbuster/README
parentd85e36a1156a25681d81c84ff1c0b47b4eb88a35 (diff)
downloadsbo-slackbuilds-fcc470182958ef8ed0b0d468e4119e64a565abbe.tar.gz
sbo-slackbuilds-fcc470182958ef8ed0b0d468e4119e64a565abbe.zip
Move SecLists, exploitdb, feroxbuster, ffuf, gobuster, nuclei from pentesting-suite
Deduplicate: these six are danix-maintained on SBo. ffuf and gobuster synced to current SBo (arch-independent .info). Others carry local versions ahead of SBo for later update submission. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Diffstat (limited to 'feroxbuster/README')
-rw-r--r--feroxbuster/README46
1 files changed, 46 insertions, 0 deletions
diff --git a/feroxbuster/README b/feroxbuster/README
new file mode 100644
index 0000000..277c41d
--- /dev/null
+++ b/feroxbuster/README
@@ -0,0 +1,46 @@
+feroxbuster is a fast, simple, recursive content discovery tool written
+in Rust. It performs forced browsing, brute forcing URLs with a wordlist
+to enumerate unlinked content (directories, files, backups, and similar
+resources) that a web application does not reference but still serves.
+
+This package is x86_64 only.
+
+It builds against rust-opt so it works on Slackware -stable, whose
+system cargo is too old to read the version 4 Cargo.lock. On -current
+the system rust is new enough; rust-opt is still listed as a dependency
+for a uniform build but its /opt/rust/bin directory is simply absent
+there.
+
+Because SlackBuilds.org build hosts have no network access at build
+time, this script does not let cargo fetch crates from the network.
+Instead, a prebuilt vendored-crates tarball
+(feroxbuster-$VERSION-vendor.tar.gz) is downloaded as a second source
+and extracted alongside the upstream source. The build then runs cargo
+in fully offline mode against those vendored crates. The vendored
+tarball is generated from the upstream Cargo.lock at the matching
+release tag, so the dependency set is reproducible.
+
+The vendored tarball is regenerated per version with
+cargo-vendor-filterer. SOURCE_DATE_EPOCH is pinned to the release tag's
+commit date so the archive is byte-for-byte reproducible:
+
+ tar xf feroxbuster-2.13.1.tar.gz && cd feroxbuster-2.13.1
+ export SOURCE_DATE_EPOCH="$(date -u -d 2025-12-13T14:09:44Z +%s)"
+ cargo vendor-filterer \
+ --platform=x86_64-unknown-linux-gnu \
+ --prefix=vendor \
+ --format=tar.gz \
+ feroxbuster-2.13.1-vendor.tar.gz
+
+The tag commit date comes from the GitHub API, field
+.commit.committer.date of:
+ api.github.com/repos/epi052/feroxbuster/commits/v2.13.1
+Then update MD5SUM_x86_64 for the new tarball in feroxbuster.info.
+
+The sample configuration is installed to:
+ /etc/feroxbuster/ferox-config.toml.new
+Rename it to ferox-config.toml to use it (it is shipped as .new so your
+edits are never overwritten on upgrade).
+
+Shell completions for bash, fish, and zsh are installed if present in
+the upstream release tree.