danielmiessler/RobotsDisallowed danielmiessler/RobotsDisallowed

  • Stars
    star
    1,361
  • Rank 33,218 (Top 0.7 %)
  • Language
    Shell
  • Created over 8 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
danielmiessler/RobotsDisallowed
github

danielmiessler

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A curated list of the most common and most interesting robots.txt disallowed directories.

RobotsDisallowed

The RobotsDisallowed project is a harvest of the robots.txt disallowed directories of the world's top websites---specifically those of the Alexa 100K and the Majestic 100K.

This list of Disallowed directories is a great way to supplement content discovery during a web security assessment or bug bounty, since the website owner is basically saying,

"Don't go here; there's sensitive stuff in there!

In other words, it's a list of potential high-value targets.

The project

So what we did is take the Alexa Top 100,000 websites, download their robots.txt files, extracted all Disallowed directories, and then performed a bunch of cleanup on them (they are a mess) to make the lists as useful as possible during web assessments.

History and updates

  • This project was initially created in 2017, and used the Alexa 100K.
  • This project was last updated in March of 2019, and used the Majestic Million top 100K. In addition to using the Majestic list instead of Alexa (Alexa went to a pay model), we also switched to Chromium as the user-agent (instead of curl), simplified the file structure, and created an /archive directory so that older versions of the files can persist. The old code directory is also in there. Finally, we removed the actual robots.txt files because…well, they're big and worthless.

How to use the project

  1. Clone the directory to your system.
  2. Pick the file you want to use based on the assessment you're doing. If you have lots of time, maybe use one of the bigger top-N lists---vs. using a smaller one if you have less time.

My personal favorite option, however, is to go with the curated.txt list, because it's only around 500 items, and it is a collection of directories containing the following strings and content:

  • "admin"
  • "user"
  • "account"
  • "password"
  • "forgot"
  • "login"
  • "backup"
  • The top 25 entries from the full list

In short, it's the best of the best. I blogged more about here.

TL;DR: If you want the best use of your time, go with curated.txt.

Credit

This concept is not new. The RAFT project was the first to do this, and we thank them for their pioneering of the idea. But the project is now dead and gone, and since the idea works best when it's kept up-to-date, we decided to give it a refresh in the form of RobotsDisallowed.

Shoutouts

Thanks so much to Jason Haddix and Tim Tomes for talking about the project on Twitter and in their bounty/recon/hacking presentations around the world.

Feedback

If you have any ideas on what to improve, please email us at [email protected] or submit a pull request.

Thank you, and happy hacking!

More Repositories

1

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
PHP
51,997
star
2

fabric

fabric is an open-source framework for augmenting humans using AI.
Python
4,566
star
3

vim

My Vim configuration.
JavaScript
150
star
4

HoneyCredIPTracker

Quick script to gather stats on incoming credentials and IPs for a honey listener.
Shell
97
star
5

Source2URL

Parse source code directories and output list of URLs that are then sent through a proxy.
95
star
6

nginx

My Nginx configuration files, for all to use and improve upon.
94
star
7

egression

Test a network's egress controls with various levels of success and failure.
Shell
91
star
8

Caparser

A quick and dirty PCAP parser that helps you identify who your applications are sending sensitive data to without encryption.
Ruby
86
star
9

SecurityTools

A repo for collecting and organizing security tools of various types. As new ones come out, they get added to the list.
84
star
10

iptables

An iptables firewall configuration template.
Shell
71
star
11

BugOutBag

BugOutBag
56
star
12

CTFSolutionTypes

A collection of CTF solution types, i.e. not solutions to specific CTF challenges, but the general categories that those solutions fall under. Includes CTF solution categories for web, binary, network, crypto, and others. Please contribute!
54
star
13

DNSHarvester

This tool will harvest valid DNS subdomains from a given domain.
Python
50
star
14

TechStack

This project exists as a free (and transparent) alternative to paid services that show you what technologies are running on a given website.
Shell
45
star
15

ATM

The Adaptive Security Testing Methodology (ASTM) provides context-adjusted testing methodologies based on factors such as time available to test, platform, technology stack, versions, plugins, modules, and other variables.
42
star
16

geoip

A Ruby script that takes in IPs and returns Country, State, and City
Ruby
31
star
17

GeoHarvest

A simple script for translating IP addresses to GeoLocations
Shell
30
star
18

Books

A list of the books that I am reading, with priorities.
24
star
19

hostfind

Does a dictionary lookup on common, valuable hostnames for a given domain.
Shell
22
star
20

GitHubRating

A composite score for one's GitHub quality.
Shell
22
star
21

tmux

My tmux stuff
21
star
22

mobiletools

Free tools for mobile testing.
21
star
23

ServerConfig

My various configuration files for zsh, vim, tmux, etc.
Vim Script
19
star
24

top-domains

A repository for maintaining a list of the top domains based on multiple lists
18
star
25

athi

ATHI β€” An AI Threat Modeling Framework for Policymakers
17
star
26

mst

A meta-scan tool used to kick off a number of command-line security tools during VA/PT work.
Shell
17
star
27

unsupervised-learning

16
star
28

Personal

A repository for personal tracking.
14
star
29

NewBox

Zsh and Vim on new Linux boxen.
Shell
14
star
30

CertExpirationCheck

Checks to see when the cert for a given domain expires.
14
star
31

Self

A tracking system for everything me, e.g.: beliefs, passions, must-haves, must-dos, favorite movies, favorite quotes, favorite aphorisms, etc.
13
star
32

neovim

My Neovim settings
Lua
12
star
33

gscour

Find all hostnames related to a given domain. Helpful during VA/PT work.
11
star
34

augmented-course

The website for the AUGMENTED AI course.
Vue
11
star
35

GetTweets

Get a number of your tweets from the Twitter API.
Ruby
6
star
36

FreeWill_TwoLever_Argument

This is a project aimed to show that Free Will is impossible using Ruby
Ruby
6
star
37

WorkDay

An ideal (regular) work day.
5
star
38

Dicematch

Determines how many times a given number of dice match each other.
Ruby
5
star
39

LifeOpt

A repository for life optimizations. Examples include wardrobe, work bag, knives, coffee gear, etc.
5
star
40

Intimate

INTIMATE -- The audience management platform.
Ruby
4
star
41

MostPoweredBy

Checks to see the most common X-Powered-By headers for the world's most popular websites.
4
star
42

CaliforniaAirQuality

Get the air quality for your area from California's AIrNow website using Ruby and Nokogiri.
Ruby
4
star
43

Opim

Optimize images in OS X
Shell
3
star
44

import-alignment

A library-based attempt to increase our chances for achieving AI Alignment with an emergent AGI.
3
star
45

Restaurants

A list of restaurants I've experienced or want to experience.
3
star
46

BandShuffle

Shuffle some bands, yo.
Ruby
2
star
47

TeamShuffle

A script to randomly pick the order your team does something.
Ruby
2
star
48

threshold-site

The website for the Threshold.
Vue
2
star
49

mhp

A proof-by-simulation of the Monty Hall problem [Python]
1
star
50

Statraises

A Ruby script that checks to see how many stat checks are needed to raise a stat.
Ruby
1
star