For the last several months, I have been taking my existing scripts and little programs and consolidating them into a GUI workflow and data management tool.
The project is called "Dirracuda" and I think of it as a "wardialer" for open directories. It runs locally and is GPL licensed. the repo is at https://github.com/b3p3k0/dirracuda
It's still pretty basic and has rough edges, but it's at a point where I'm ready to share it with the community. I hope it is useful or at least interesting to some people, and there are features which will be useful for both novice and experienced users. I'm interested in getting your feedback and maybe some ideas to expand the capabilities.
the README is pretty detailed (imo) so I'll just hit the basics here:
- three search modes: shodan (requires at least a "member" account), searxng, or reddit
- discovers http, ftp, and smb hosts (for the scope of this program, i consider "open directories" to include: readable http directories, ftp servers configured for "anonymous" or "guest" login, smb servers with no or "guest" auth).
- tests each returned host for connectivity and accessibility
- enumerates a sample of directories and files from successful hosts
- information is stored in a local sqlite db locally
- integrated db viewer/manager - store notes, mark favorites, search etc.
- built in file explorer allows live exploration of hosts
- downloads can optionally be staged in tmpfs (ie RAM only, no write to disk or swap if thats important to you) and scanned automatically with ClamAV
- CSV import for users with existing data
I've been daily driving throughout the process and have worked out most of the kinks in my normal workflow; a couple little annoying problems that may still occur though: sometimes a dialog pops under its parent, causing the UI to seem unresponsive; moving the parent and closing the dialog resolves. sometimes the db browser fails to paint initially; grabbing the title bar and moving the window resolves it.
tested on Ubuntu 24.10 and 25.10, Parrot OS 7
AI use: I know some ppl have strong feelings about this so I wanted to be transparent: besides the original source scripts and programs which were written by natural stupidity, this project was 100% developed by artificial intelligence (claude and codex, specifically). I have over 30 years experience in information technology and security, and I wanted to to use this as an opportunity to get familiar with using AI dev tools. This has always been a "back burner" idea that I never had time for; these tools made the gap between idea and implenting a lot narrower. Each feature was thoroughly planned, reviewed and tested before integration (except the ones still listed as "experimental", but those are mostly reliable, too)). I have committed many of the plannning, spec, architecture and testing docs etc under the "development" branch if readers want to review the development process in detail.
Thanks for having a look. Have a good weekend and happy hunting!