From fcc470182958ef8ed0b0d468e4119e64a565abbe Mon Sep 17 00:00:00 2001 From: "Danilo M." Date: Sat, 11 Jul 2026 12:31:44 +0200 Subject: Move SecLists, exploitdb, feroxbuster, ffuf, gobuster, nuclei from pentesting-suite Deduplicate: these six are danix-maintained on SBo. ffuf and gobuster synced to current SBo (arch-independent .info). Others carry local versions ahead of SBo for later update submission. Co-Authored-By: Claude Opus 4.8 --- feroxbuster/README | 46 ++++++++++++ feroxbuster/doinst.sh | 14 ++++ feroxbuster/feroxbuster.SlackBuild | 150 +++++++++++++++++++++++++++++++++++++ feroxbuster/feroxbuster.info | 12 +++ feroxbuster/slack-desc | 19 +++++ 5 files changed, 241 insertions(+) create mode 100644 feroxbuster/README create mode 100644 feroxbuster/doinst.sh create mode 100644 feroxbuster/feroxbuster.SlackBuild create mode 100644 feroxbuster/feroxbuster.info create mode 100644 feroxbuster/slack-desc (limited to 'feroxbuster') diff --git a/feroxbuster/README b/feroxbuster/README new file mode 100644 index 0000000..277c41d --- /dev/null +++ b/feroxbuster/README @@ -0,0 +1,46 @@ +feroxbuster is a fast, simple, recursive content discovery tool written +in Rust. It performs forced browsing, brute forcing URLs with a wordlist +to enumerate unlinked content (directories, files, backups, and similar +resources) that a web application does not reference but still serves. + +This package is x86_64 only. + +It builds against rust-opt so it works on Slackware -stable, whose +system cargo is too old to read the version 4 Cargo.lock. On -current +the system rust is new enough; rust-opt is still listed as a dependency +for a uniform build but its /opt/rust/bin directory is simply absent +there. + +Because SlackBuilds.org build hosts have no network access at build +time, this script does not let cargo fetch crates from the network. +Instead, a prebuilt vendored-crates tarball +(feroxbuster-$VERSION-vendor.tar.gz) is downloaded as a second source +and extracted alongside the upstream source. The build then runs cargo +in fully offline mode against those vendored crates. The vendored +tarball is generated from the upstream Cargo.lock at the matching +release tag, so the dependency set is reproducible. + +The vendored tarball is regenerated per version with +cargo-vendor-filterer. SOURCE_DATE_EPOCH is pinned to the release tag's +commit date so the archive is byte-for-byte reproducible: + + tar xf feroxbuster-2.13.1.tar.gz && cd feroxbuster-2.13.1 + export SOURCE_DATE_EPOCH="$(date -u -d 2025-12-13T14:09:44Z +%s)" + cargo vendor-filterer \ + --platform=x86_64-unknown-linux-gnu \ + --prefix=vendor \ + --format=tar.gz \ + feroxbuster-2.13.1-vendor.tar.gz + +The tag commit date comes from the GitHub API, field +.commit.committer.date of: + api.github.com/repos/epi052/feroxbuster/commits/v2.13.1 +Then update MD5SUM_x86_64 for the new tarball in feroxbuster.info. + +The sample configuration is installed to: + /etc/feroxbuster/ferox-config.toml.new +Rename it to ferox-config.toml to use it (it is shipped as .new so your +edits are never overwritten on upgrade). + +Shell completions for bash, fish, and zsh are installed if present in +the upstream release tree. diff --git a/feroxbuster/doinst.sh b/feroxbuster/doinst.sh new file mode 100644 index 0000000..82fe0c0 --- /dev/null +++ b/feroxbuster/doinst.sh @@ -0,0 +1,14 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/feroxbuster/ferox-config.toml.new diff --git a/feroxbuster/feroxbuster.SlackBuild b/feroxbuster/feroxbuster.SlackBuild new file mode 100644 index 0000000..6597cb7 --- /dev/null +++ b/feroxbuster/feroxbuster.SlackBuild @@ -0,0 +1,150 @@ +#!/bin/bash + +# Slackware build script for feroxbuster + +# Copyright 2026 danix +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PRGNAM=feroxbuster +VERSION=${VERSION:-2.13.1} +BUILD=${BUILD:-1} +TAG=${TAG:-_SBo} +PKGTYPE=${PKGTYPE:-tgz} + +# Name of the vendored crates tarball (hosted by the maintainer). +VENDOR=${PRGNAM}-${VERSION}-vendor + +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) ARCH=i586 ;; + arm*) ARCH=arm ;; + *) ARCH=$( uname -m ) ;; + esac +fi + +# feroxbuster is only meaningfully supported on x86_64. Bail out clearly +# on other arches rather than failing deep in the Rust build. +if [ "$ARCH" != "x86_64" ]; then + echo "$PRGNAM is only supported on x86_64." + exit 1 +fi + +TMP=${TMP:-/tmp/SBo} +PKG=$TMP/package-$PRGNAM +OUTPUT=${OUTPUT:-/tmp} + +# Rust honors RUSTFLAGS; we don't pass the usual SLKCFLAGS to a C compiler +# here since cargo drives the build. Release profile handles optimization. +SLKCFLAGS="" +LIBDIRSUFFIX="64" + +PKGNAM=$PRGNAM # PRINT_PACKAGE_NAME +if [ "$PRINT_PACKAGE_NAME" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE" + exit 0 +fi + +set -e + +rm -rf $PKG +mkdir -p $TMP $PKG $OUTPUT +cd $TMP +rm -rf $PRGNAM-$VERSION +tar xvf $CWD/$PRGNAM-$VERSION.tar.gz +cd $PRGNAM-$VERSION + +# Unpack the vendored crates alongside the source. The tarball extracts to +# a top-level vendor/ directory. +rm -rf vendor +tar xvf $CWD/$VENDOR.tar.gz + +chown -R root:root . +find -L . \ + \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \ + -o -perm 511 \) -exec chmod 755 {} \+ -o \ + \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ + -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \+ + +# Point cargo at the vendored sources and forbid any network access. +# The directory is relative to the parent of .cargo/, i.e. the source +# root, so this is portable across build hosts (no absolute /tmp paths). +mkdir -p .cargo +cat > .cargo/config.toml </dev/null || true + install -D -m 0644 shell_completions/${PRGNAM}.fish \ + $PKG/usr/share/fish/vendor_completions.d/${PRGNAM}.fish 2>/dev/null || true + install -D -m 0644 shell_completions/_${PRGNAM} \ + $PKG/usr/share/zsh/site-functions/_${PRGNAM} 2>/dev/null || true +fi + +# Sample configuration, shipped as .new so it never clobbers user edits. +if [ -f ferox-config.toml.example ]; then + install -D -m 0644 ferox-config.toml.example \ + $PKG/etc/$PRGNAM/ferox-config.toml.new +fi + +# Strip the binary. +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION +cp -a CHANGELOG.md LICENSE README.md \ + $PKG/usr/doc/$PRGNAM-$VERSION 2>/dev/null || true +cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +cat $CWD/doinst.sh > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE diff --git a/feroxbuster/feroxbuster.info b/feroxbuster/feroxbuster.info new file mode 100644 index 0000000..7d0d90e --- /dev/null +++ b/feroxbuster/feroxbuster.info @@ -0,0 +1,12 @@ +PRGNAM="feroxbuster" +VERSION="2.13.1" +HOMEPAGE="https://github.com/epi052/feroxbuster" +DOWNLOAD="UNSUPPORTED" +MD5SUM="" +DOWNLOAD_x86_64="https://github.com/epi052/feroxbuster/archive/v2.13.1/feroxbuster-2.13.1.tar.gz \ + https://packages.danix.xyz/sbo/feroxbuster/feroxbuster-2.13.1-vendor.tar.gz" +MD5SUM_x86_64="dc0bfa007f22815875b8094d954c4f60 \ + 1ecbe3e0b6737669548afd595381979d" +REQUIRES="rust-opt" +MAINTAINER="danix" +EMAIL="danix@danix.xyz" diff --git a/feroxbuster/slack-desc b/feroxbuster/slack-desc new file mode 100644 index 0000000..369eb34 --- /dev/null +++ b/feroxbuster/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +feroxbuster: feroxbuster (fast recursive content discovery tool) +feroxbuster: +feroxbuster: feroxbuster is a fast, simple, recursive content discovery tool +feroxbuster: written in Rust. It performs forced browsing: brute forcing URLs +feroxbuster: with a wordlist to find unlinked content such as directories, +feroxbuster: files, backups, and other resources on web servers that are not +feroxbuster: referenced by the application but remain accessible. +feroxbuster: +feroxbuster: Homepage: https://github.com/epi052/feroxbuster +feroxbuster: +feroxbuster: -- cgit v1.2.3