Skip to main content
Glama
adriyansyah-mf

MCP Pentest

by adriyansyah-mf
OverviewInspectSchemaRelated ServersScoreDiscussions
TypeScript
Local

directory_bruteforce

Discover hidden directories and files on web servers by systematically testing common paths and extensions to identify exposed resources during security assessments.

Instructions

Bruteforce directories and files on web server

Input Schema

NameRequiredDescriptionDefault
extensionsNoFile extensions to check
urlYesTarget URL
use_seclistsNoUse SecLists common lists if no wordlist provided
wordlistNoWordlist to use

Input Schema (JSON Schema)

{ "properties": { "extensions": { "description": "File extensions to check", "items": { "type": "string" }, "type": "array" }, "url": { "description": "Target URL", "type": "string" }, "use_seclists": { "description": "Use SecLists common lists if no wordlist provided", "type": "boolean" }, "wordlist": { "description": "Wordlist to use", "type": "string" } }, "required": [ "url" ], "type": "object" }

Implementation Reference

  • src/tools/recon.ts:356-437 (handler)
    Core handler function implementing directory and file bruteforcing logic using HTTP HEAD requests against common paths and extensions. Supports custom wordlists and SecLists.
    async directoryBruteforce(url: string, wordlist?: string, extensions?: string[], useSecLists?: boolean): Promise<ScanResult> { try { const foundPaths: string[] = []; const baseUrl = new URL(url); // Default directory wordlist const defaultDirs = [ 'admin', 'administrator', 'login', 'dashboard', 'panel', 'config', 'backup', 'test', 'dev', 'staging', 'api', 'uploads', 'files', 'images', 'css', 'js', 'assets', 'static', 'public', 'private', 'secure', 'hidden', 'secret', 'wp-admin', 'wp-content', 'wp-includes', 'phpmyadmin', 'mysql', 'database' ]; let dirs: string[] = defaultDirs; if (wordlist) { dirs = await this.loadWordlist(wordlist); } else if (useSecLists) { const candidates = [ '/usr/share/seclists/Discovery/Web-Content/common.txt', '/usr/share/seclists/Discovery/Web-Content/raft-small-words.txt', '/usr/share/seclists/Discovery/Web-Content/raft-medium-words.txt' ]; for (const path of candidates) { try { const loaded = await this.loadWordlist(path); if (loaded.length > 0) { dirs = loaded; break; } } catch (_) {} } } const exts = extensions || ['php', 'html', 'asp', 'aspx', 'jsp', 'txt', 'xml', 'json']; // Check directories for (const dir of dirs) { try { const testUrl = `${baseUrl.origin}/${dir}/`; const response = await axios.head(testUrl, { timeout: 5000 }); if (response.status === 200 || response.status === 403) { foundPaths.push(testUrl); } } catch (e) { // Path not found or error } } // Check files with extensions for (const dir of dirs) { for (const ext of exts) { try { const testUrl = `${baseUrl.origin}/${dir}.${ext}`; const response = await axios.head(testUrl, { timeout: 5000 }); if (response.status === 200) { foundPaths.push(testUrl); } } catch (e) { // File not found or error } } } return { target: url, timestamp: new Date().toISOString(), tool: 'directory_bruteforce', results: { found_paths: foundPaths, total_found: foundPaths.length, wordlist_size: dirs.length, extensions_tested: exts }, status: 'success' }; } catch (error) { return { target: url, timestamp: new Date().toISOString(), tool: 'directory_bruteforce', results: {}, status: 'error', error: error instanceof Error ? error.message : String(error) }; } }
  • src/index.ts:121-133 (schema)
    Input schema definition for the directory_bruteforce tool, specifying parameters like url, wordlist, extensions, and use_seclists.
    name: "directory_bruteforce", description: "Bruteforce directories and files on web server", inputSchema: { type: "object", properties: { url: { type: "string", description: "Target URL" }, wordlist: { type: "string", description: "Wordlist to use" }, extensions: { type: "array", items: { type: "string" }, description: "File extensions to check" }, use_seclists: { type: "boolean", description: "Use SecLists common lists if no wordlist provided" } }, required: ["url"] } },
  • src/index.ts:514-515 (registration)
    Tool registration and dispatch handler in the main MCP server switch statement, calling the reconTools.directoryBruteforce method.
    case "directory_bruteforce": return respond(await this.reconTools.directoryBruteforce(args.url, args.wordlist, args.extensions, args.use_seclists));
  • src/index.ts:13-14 (registration)
    Import statement for ReconTools class containing the directoryBruteforce implementation.
    import { ReconTools } from './tools/recon.js'; import { VulnScanTools } from './tools/vulnscan.js';
  • src/tools/recon.ts:486-495 (helper)
    Helper function used by directoryBruteforce to load wordlists from files.
    private async loadWordlist(wordlistPath: string): Promise<string[]> { try { const fs = require('fs').promises; const content = await fs.readFile(wordlistPath, 'utf8'); return content.split('\n').filter((line: string) => line.trim() !== ''); } catch (error) { console.error('Wordlist loading error:', error); return []; } }

This server cannot be installed

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/adriyansyah-mf/mcp-pentest'

If you have feedback or need assistance with the MCP directory API, please join our Discord server