███╗ ██╗ ██████╗ ██████╗ ███████╗██████╗ ██╗██████╗ ██████╗ ██╗ █████╗ ███████╗████████╗███████╗██████╗
████╗ ██║██╔═══██╗██╔══██╗██╔════╝██╔══██╗██║██╔══██╗██╔══██╗██║ ██╔══██╗██╔════╝╚══██╔══╝██╔════╝██╔══██╗
██╔██╗ ██║██║ ██║██║ ██║█████╗ ██║ ██║██║██████╔╝██████╔╝██║ ███████║███████╗ ██║ █████╗ ██████╔╝
██║╚██╗██║██║ ██║██║ ██║██╔══╝ ██║ ██║██║██╔══██╗██╔══██╗██║ ██╔══██║╚════██║ ██║ ██╔══╝ ██╔══██╗
██║ ╚████║╚██████╔╝██████╔╝███████╗██████╔╝██║██║ ██║██████╔╝███████╗██║ ██║███████║ ██║ ███████╗██║ ██║
╚═╝ ╚═══╝ ╚═════╝ ╚═════╝ ╚══════╝╚═════╝ ╚═╝╚═╝ ╚═╝╚═════╝ ╚══════╝╚═╝ ╚═╝╚══════╝ ╚═╝ ╚══════╝╚═╝ ╚═╝
const NodeDirBlaster = {
name: "NodeDirBlaster",
version: "1.0.0",
type: "Directory Reconnaissance Tool",
classification: "OPEN-SOURCE SECURITY RESEARCH",
capabilities: {
scan: "Recursive directory traversal",
filter: "Extension-based file filtering",
export: ["JSON", "CSV"],
speed: "Lightning fast",
stealth: "Minimal footprint"
},
warning: "⚠️ FOR AUTHORIZED PENETRATION TESTING ONLY",
author: "PicoBaz",
motto: "Scan. Analyze. Report."
};NodeDirBlaster is a high-performance Node.js directory scanner designed for penetration testers, security researchers, and DevOps engineers. Recursively scan file systems, filter by extension, and generate detailed reconnaissance reports.
| 🎯 FEATURE | 📝 DESCRIPTION |
|---|---|
| 🔍 RECURSIVE SCAN | Deep directory traversal with configurable depth limits |
| 🎨 SMART FILTERING | Target specific file types (.js, .php, .config, etc.) |
| 📊 DUAL REPORTS | Export results in JSON and CSV formats |
| ⚙️ MODULAR CONFIG | Customize all parameters via config.json |
| 🔄 AUTO RETRY | Handles transient errors with exponential backoff |
| 💨 BLAZING FAST | Optimized for large directory structures |
| 🛡️ ERROR HANDLING | Robust error logging and recovery mechanisms |
| 🔐 STEALTH MODE | Minimal system footprint during operation |
# CLONE THE REPOSITORY
git clone https://github.com/PicoBaz/NodeDirBlaster.git
# NAVIGATE TO DIRECTORY
cd NodeDirBlaster
# INSTALL DEPENDENCIES
npm install
# CONFIGURE SETTINGS
nano config.json# RUN THE SCANNER
node dir_scanner.js
# OUTPUT FILES
# - scan_results.json (Structured data)
# - scan_results.csv (Spreadsheet format)Edit config.json to customize scan parameters:
{
"directory": "./target",
"extensions": [".js", ".php", ".config", ".env"],
"maxDepth": 10,
"retryCount": 3,
"retryDelayMs": 1000
}╔═══════════════════════════════════════════════════════════════╗
║ CONFIG.JSON PARAMETERS ║
╠═══════════════════════════════════════════════════════════════╣
║ PARAMETER │ TYPE │ DESCRIPTION ║
╠════════════════╪══════════╪═══════════════════════════════════╣
║ directory │ String │ Target path to scan ║
║ extensions │ Array │ File types to include ║
║ maxDepth │ Integer │ Maximum recursion depth ║
║ retryCount │ Integer │ Number of retry attempts ║
║ retryDelayMs │ Integer │ Delay between retries (ms) ║
╚════════════════╧══════════╧═══════════════════════════════════╝
// SCAN FOR WEB FILES
{
"directory": "./web_app",
"extensions": [".php", ".html", ".js", ".css"],
"maxDepth": 8
}
// SCAN FOR CONFIG FILES (SECURITY AUDIT)
{
"directory": "/var/www",
"extensions": [".env", ".config", ".ini", ".yml"],
"maxDepth": 15
}
// FULL RECURSIVE SCAN (ALL FILES)
{
"directory": "./",
"extensions": [], // Empty = all files
"maxDepth": 20
}{
"scan_timestamp": "2025-01-15T10:30:45.123Z",
"directory": "./target",
"files_found": 1337,
"results": [
{
"name": "config.php",
"path": "/var/www/app/config.php",
"type": "file",
"size": 2048,
"extension": ".php"
}
],
"errors": []
}name,path,type,size,extension
config.php,/var/www/app/config.php,file,2048,.php
database.sql,/var/www/backup/database.sql,file,10485760,.sql
# CUSTOM CONFIG FILE
node dir_scanner.js --config custom_config.json
# OUTPUT TO CUSTOM LOCATION
node dir_scanner.js --output /tmp/scan_results
# VERBOSE MODE
node dir_scanner.js --verboseconst DirScanner = require('./dir_scanner');
const scanner = new DirScanner({
directory: './target',
extensions: ['.js', '.json'],
maxDepth: 5
});
scanner.scan()
.then(results => {
console.log(`Found ${results.length} files`);
})
.catch(error => {
console.error('Scan failed:', error);
});┌─────────────────────────────────────────────────────────────┐
│ LEGITIMATE USE CASES │
├─────────────────────────────────────────────────────────────┤
│ ✓ Security Auditing │
│ ✓ Code Analysis & Review │
│ ✓ Project Structure Documentation │
│ ✓ File System Inventory │
│ ✓ Build System Optimization │
│ ✓ Backup Verification │
│ ✓ Migration Planning │
│ ✓ Compliance Scanning │
└─────────────────────────────────────────────────────────────┘
╔═══════════════════════════════════════════════════════════════╗
║ ⚠️ CRITICAL WARNING ⚠️ ║
╠═══════════════════════════════════════════════════════════════╣
║ ║
║ This tool is designed for AUTHORIZED security research and ║
║ penetration testing ONLY. Unauthorized access to computer ║
║ systems is ILLEGAL and may result in criminal prosecution. ║
║ ║
║ By using NodeDirBlaster, you agree to: ║
║ • Only scan systems you own or have written permission ║
║ • Comply with all applicable laws and regulations ║
║ • Use responsibly and ethically ║
║ ║
║ The author assumes NO LIABILITY for misuse of this tool. ║
║ ║
╚═══════════════════════════════════════════════════════════════╝
Add custom filtering logic in dir_scanner.js:
// Filter by file size
function filterBySize(file, maxSize) {
return file.size <= maxSize;
}
// Filter by modification date
function filterByDate(file, afterDate) {
return file.mtime > afterDate;
}
// Filter by permissions
function filterByPermissions(file, requiredPerms) {
return (file.mode & requiredPerms) === requiredPerms;
}Implement worker threads for large-scale operations:
const { Worker } = require('worker_threads');
function scanInParallel(directories) {
const workers = directories.map(dir => {
return new Worker('./scanner_worker.js', {
workerData: { directory: dir }
});
});
return Promise.all(workers.map(w => new Promise(resolve => {
w.on('message', resolve);
})));
}| 📂 DIRECTORY SIZE | 📁 FILES | ⏱️ SCAN TIME | 💾 MEMORY |
|---|---|---|---|
| Small (< 1K files) | 500 | 0.5s | 25MB |
| Medium (1K-10K files) | 5,000 | 3.2s | 85MB |
| Large (10K-100K files) | 50,000 | 28s | 350MB |
| XLarge (100K+ files) | 250,000 | 2m 15s | 1.2GB |
Benchmarks on: Node.js v20.x, SSD, 16GB RAM
❌ Permission Denied Errors
# Run with elevated privileges (Linux/Mac)
sudo node dir_scanner.js
# Windows: Run as Administrator
# Right-click Command Prompt → Run as Administrator❌ Out of Memory Errors
# Increase Node.js heap size
node --max-old-space-size=4096 dir_scanner.js❌ Slow Performance
- Reduce
maxDepthin config.json - Add more specific file extensions
- Exclude large directories (node_modules, .git)
# .github/workflows/scan.yml
name: Directory Scan
on: [push]
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Run NodeDirBlaster
run: |
npm install
node dir_scanner.js
- name: Upload Results
uses: actions/upload-artifact@v2
with:
name: scan-results
path: scan_results.jsonFROM node:20-alpine
WORKDIR /app
COPY . .
RUN npm install
ENTRYPOINT ["node", "dir_scanner.js"]# HELP
node dir_scanner.js --help
# VERSION
node dir_scanner.js --version
# DRY RUN (no output files)
node dir_scanner.js --dry-run
# EXCLUDE PATTERNS
node dir_scanner.js --exclude "node_modules,.git,dist"
# QUIET MODE
node dir_scanner.js --quietWe welcome contributions from the security research community!
# Fork and clone
git clone https://github.com/YOUR_USERNAME/NodeDirBlaster.git
# Create feature branch
git checkout -b feature/amazing-feature
# Make changes and commit
git commit -m "Add amazing feature"
# Push and create PR
git push origin feature/amazing-feature- Follow existing code style
- Add tests for new features
- Update documentation
- Keep commits atomic and descriptive
╔═══════════════════════════════════════════════════════════════╗
║ CONNECT WITH AUTHOR ║
╠═══════════════════════════════════════════════════════════════╣
║ ║
║ 🔗 GitHub: github.com/PicoBaz ║
║ 📧 Email: picobaz3@gmail.com ║
║ 💬 Telegram: t.me/picobaz ║
║ 🌐 Website: picobaz.site ║
║ ║
╚═══════════════════════════════════════════════════════════════╝
MIT License
Copyright (c) 2025 PicoBaz
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
- Node.js Community for the robust runtime
- Security researchers worldwide for inspiration
- Open-source contributors for continuous improvement
If you find NodeDirBlaster useful, please consider:
⭐ Starring the repository
🍴 Forking for your own projects
🐛 Reporting bugs and issues
💡 Suggesting new features
📖 Improving documentation
╔═══════════════════════════════════════════════════════════════╗
║ ║
║ "Knowledge is power, use it wisely." ║
║ ║
║ - Security Researcher ║
║ ║
╚═══════════════════════════════════════════════════════════════╝
Built with 💀 by PicoBaz
