Hi ostendali,
Thank you for your response, and having time for looking into the tool!
I wasn’t aware of the mentioned requirements.
For the similiraties with dirsearch. It’s true there is some sort of similarities, but the purpose of the tool and scans that bfac do is totally different.
Bfac tests for backup file artifacts, while dirsearch is a typical directory brute-forcer.
Bfac makes the following:
If the url for example is newbielink:http://example.com/custom-app/import-data.php [nonactive]
It checks for backup artifacts for import-data on many ways.
Such as:
http://example.com/custom-app/backup-import-data.php
http://example.com/custom-app/import-data.php-bak
http://example.com/custom-app/import-data.php#
http://example.com/custom-app/import-data.bak
http://example.com/custom-app/~import-data.tmp
http://example.com/custom-app/import-data.saved
http://example.com/custom-app/import-data.php_old
http://example.com/custom-app/Copy%20import-data.php
http://example.com/custom-app/import-data.bck
http://example.com/custom-app/%23import-data.php%23
http://example.com/custom-app/import-data.php.tar
http://example.com/custom-app/import-data.php.org
http://example.com/custom-app/Copy_import-data.php
http://example.com/custom-app/import-data.php.bak
http://example.com/custom-app/.~lock.import-data.php%23
http://example.com/custom-app/import-data.php.conf
http://example.com/custom-app/import-data-bkp.php
http://example.com/custom-app/import-data%20copy.php
http://example.com/custom-app/import-data.sql.gz
http://example.com/custom-app/.import-data.php.swp
http://example.com/custom-app/.~import-data.php
http://example.com/custom-app/import-data%20-%20Copy.php
http://example.com/custom-app/import-data.php.back
http://example.com/custom-app/import-data.php.bk
http://example.com/custom-app/import-data.php.swo
http://example.com/custom-app/Copy_of_import-data.php
http://example.com/custom-app/~import-data.php
http://example.com/custom-app/import-data.bakup
http://example.com/custom-app/import-data.bakup1
http://example.com/custom-app/import-data.bak1
http://example.com/custom-app/import-data.tpl
http://example.com/custom-app/copy%20of%20import-data.php
http://example.com/custom-app/import-data.bak.sql
http://example.com/custom-app/import-data.php.save
http://example.com/custom-app/import-data.save
http://example.com/custom-app/~%24import-data.php
http://example.com/custom-app/_import-data.php.swp
http://example.com/custom-app/import-data.php.2
http://example.com/custom-app/import-data.php.tmp
http://example.com/custom-app/%20import-data.php
http://example.com/custom-app/Copy_(1)_of_import-data.php
http://example.com/custom-app/import-data.bak.sql.bz2
http://example.com/custom-app/import-data.sql
http://example.com/custom-app/_import-data.php.swo
http://example.com/custom-app/import-data.php.sav
http://example.com/custom-app/Copy%20of%20import-data.php
http://example.com/custom-app/import-data.original
http://example.com/custom-app/import-data.tar
http://example.com/custom-app/_import-data.php
http://example.com/custom-app/import-data.orig
http://example.com/custom-app/Copy_(2)_of_import-data.php
http://example.com/custom-app/import-data.old
http://example.com/custom-app/import-data-backup.php
http://example.com/custom-app/import-data.php~
http://example.com/custom-app/import-data.php.bck
This can not be done in Dirsearch. Dirsearch performs directory brute-force on newbielink:http://example.com/custom-app/ [nonactive] based on a predefined wordlist. It does not go and checks for artifacts that are not found in wordlists.
Typical large wordlists *may* contain a predefined input for common files like index.php and wp-config.php, but it does not have anything more.
The only similarity in term of functionality between dirsearch and bfac is that bfac holds a predefined non-dynamic words/checks for DVCS repos, this is a small addition to the tool, but the main concept is checking for artifacts.
Furthermore, let’s say I added a typical directory brute-forcing feature in the future in addition to the dynamic backup-file artifacts testing. Bfac would have a cool addition that most if not all directory brute-forcers have, including dirsearch and dirbuster, which is detection techniques.
BFAC uses multiple detection techniques instead of only checking the HTTP status code in order to avoid false-positives, and to increase accuracy.
After all, I truly respect and appreciate BackBox team regarding the decision of adding bfac to the default installation, but I hope If you can have another review at the tool based on the input.
Thanks,
Mazin Ahmed