Apache Log Extractor tool
Apache Log Extractor is a quick script to export URL information from Apache access logs. The thought behind this script was to provide a list of known URL's on a remote server by analysing the logs. This list could then be used as the input for further testing tools e.g Burp Suite – Intruder . The script accepts an Apache access file as the input and creates an output file containing one URL per line. The list is unique and should only contain the URL without parameters (incomplete directory names are not extracted). It also takes these URLs and creates a wordlist output of all valid directoy names for use with brute-forcing tools. This fingerprinting tool can reduse the realm of password cracking.
How to use
./apache_log_extractor.py access.log.1
Output
[ ] Extracting URLs from logfile : access.log.1
[ ] Extracted URL : /
[ ] Extracted URL : /Signed_Update.jar
[ ] Extracted URL : /ajax/bottomnavinfo.ashx
[ ] Extracted URL : /MetaAdServer/MAS.aspx?cp=seite1&ct=contentview_ressort&f=0
[ ] Extracted URL : /favicon.ico
[ ] Extracted URL : /EB3YKJjcJ5YvJ
[ ] Extracted URL : /MetaAdServer/MAS.aspx?cp=seite1&ct=contentview_ressort&f=1
[ ] Extracted URL : /AdServer/SponsorButtonC.aspx?ids=16965
[ ] Extracted URL : /Mail
[ ] Extracted URL : /css/layout.css
[ ] Extracting directory names from logfile
[ ] Extracted Word : ajax
[ ] Extracted Word : MetaAdServer
[ ] Extracted Word : AdServer
[ ] Extracted Word : css
[ ] Extracted Word : mail
As it is a python script it is os independent and fast.
Download Apache Log Extractor
Apache Log Extractor is a quick script to export URL information from Apache access logs. The thought behind this script was to provide a list of known URL's on a remote server by analysing the logs. This list could then be used as the input for further testing tools e.g Burp Suite – Intruder . The script accepts an Apache access file as the input and creates an output file containing one URL per line. The list is unique and should only contain the URL without parameters (incomplete directory names are not extracted). It also takes these URLs and creates a wordlist output of all valid directoy names for use with brute-forcing tools. This fingerprinting tool can reduse the realm of password cracking.
How to use
./apache_log_extractor.py access.log.1
Output
[ ] Extracting URLs from logfile : access.log.1
[ ] Extracted URL : /
[ ] Extracted URL : /Signed_Update.jar
[ ] Extracted URL : /ajax/bottomnavinfo.ashx
[ ] Extracted URL : /MetaAdServer/MAS.aspx?cp=seite1&ct=contentview_ressort&f=0
[ ] Extracted URL : /favicon.ico
[ ] Extracted URL : /EB3YKJjcJ5YvJ
[ ] Extracted URL : /MetaAdServer/MAS.aspx?cp=seite1&ct=contentview_ressort&f=1
[ ] Extracted URL : /AdServer/SponsorButtonC.aspx?ids=16965
[ ] Extracted URL : /Mail
[ ] Extracted URL : /css/layout.css
[ ] Extracting directory names from logfile
[ ] Extracted Word : ajax
[ ] Extracted Word : MetaAdServer
[ ] Extracted Word : AdServer
[ ] Extracted Word : css
[ ] Extracted Word : mail
As it is a python script it is os independent and fast.
Download Apache Log Extractor
