Automic VaultAutomic Vault

brew

Install feroxbuster with Homebrew, Nix, scoop, winget, zypper

Fast, simple, recursive content discovery tool written in Rust. Version 2.13.1 via Homebrew; verified 2026-06-22.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install feroxbuster

local Homebrew formula metadata

Linux

Nixverified · 92%
nix profile install nixpkgs#feroxbuster

nixpkgs package indexes · pkgs/by-name/fe/feroxbuster/package.nix · source: api.github.com

openSUSE zypperverified · 92%
sudo zypper install feroxbuster

openSUSE Tumbleweed package metadata · feroxbuster · source: download.opensuse.org

Windows

Scoopverified · 92%
scoop install main/feroxbuster

Scoop official bucket manifest trees · bucket/feroxbuster.json · source: api.github.com

Windows Package Managerverified · 92%
winget install --id epi052.feroxbuster -e

Windows Package Manager source index · epi052.feroxbuster · source: cdn.winget.microsoft.com

overview

Package summary

Fast, simple, recursive content discovery tool written in Rust

Commands and aliases

  • feroxbuster

history

Project history and usage

feroxbuster is a Rust command-line tool for recursive web content discovery. Its README frames it as a forced-browsing tool: it combines brute force with wordlists to find unlinked resources, directories, files, and other predictable locations in web applications.

Project history

The public GitHub repository was created in August 2020, and crates.io records the first `feroxbuster` crate release in October 2020. The project reached 1.0.0 within days of the initial crate publication and continued through a long 2.x line with regular releases.

The project documentation later moved from a very large README to a GitHub Pages documentation site, while the README retained quick-start installation and usage examples. The project also added an updater in the 2.x era and documents official distribution channels to avoid domain impersonation.

Adoption history

feroxbuster's adoption path follows the Rust security-tool pattern: GitHub releases and crates.io for early users, then OS package managers and security distributions for everyday use. The README documents Kali, Homebrew, winget, Chocolatey, install scripts, and project docs for other platforms; the input package metadata also records Nix, Scoop, winget, and zypper packaging.

Crates.io metadata records more than 130,000 downloads and the repository README displays badges for GitHub and crates.io downloads. Those numbers support a real package-manager footprint for a specialized security CLI.

How it is used

Typical use passes a target URL, wordlist-derived extensions, filters for status codes or response sizes, recursion controls, headers, query parameters, proxy settings, and output options. The README examples show piping targets through standard input, proxying through Burp or SOCKS, passing authorization headers, and sending JSON or form bodies.

In practice feroxbuster is used during web application testing to enumerate hidden or unlinked resources. Package users care about fast installation, shell completions, a default config path on security distributions, and reproducible CLI behavior across Linux, macOS, and Windows.

Why package nerds care

feroxbuster is significant because it became one of the recognizable Rust replacements in the directory-enumeration and content-discovery space. It packages as a single CLI but has enough operational surface to matter: config files, completions, man pages, update behavior, and multiple binary distribution paths.

For maintainers, it is also a good example of security-tool packaging where provenance matters. The README explicitly warns about an unrelated impersonating domain and lists official download channels, which is unusually relevant package metadata for a pentesting tool.

Timeline

  • 2020: Public GitHub repository created.
  • 2020: First crates.io release and 1.0.0 release published.
  • 2023: 2.10.x release line appears on crates.io.
  • 2025: crates.io records the 2.13.1 release.

Related projects

  • feroxbuster is related to forced-browsing and directory-enumeration tools used in web security testing, and it is commonly paired with wordlists, proxies such as Burp Suite, and shell pipelines for target and result processing.

security posture

Risk level: green

narrow executable package without higher-risk signals.

Risk classifier

green risk · low confidence · appliance

Why

  • narrow executable package without higher-risk signals

Signals

  • metadata:no-higher-risk-signals

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Installs with 1 runtime dependencies.
  • Build metadata lists 2 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Linux
/etc/feroxbuster/ferox-config.toml

executables

Installed executables

CommandKindExposureNote
feroxbustercliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version2.13.1
manager updated2026-06-22
local dataok
upstreamcurrent
latest detectedv2.13.1

https://github.com/epi052/feroxbuster

  • okNo freshness warnings were generated.

install metadata

Package metadata

Package keybrew:feroxbuster
Version2.13.1
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/feroxbuster
Homepagehttps://epi052.github.io/feroxbuster
Repositoryhttps://github.com/epi052/feroxbuster
Upstream docshttps://epi052.github.io/feroxbuster
LicenseMIT
Source archivehttps://github.com/epi052/feroxbuster/archive/refs/tags/v2.13.1.tar.gz
Last updated2026-06-22T14:03:19-07:00
Pulseupdated
Dependenciesopenssl@3
Build dependenciespkgconf, rust
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nameferoxbuster
Version Scheme0
Revision0
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

feroxbuster

nix profile install nixpkgs#feroxbuster
  • normalized package name match
  • Matched by: Feroxbuster
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/fe/feroxbuster/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
zypper95%

feroxbuster 2.13.1-1.4

A recursive content discovery tool

https://epi052.github.io/feroxbuster-docs/

sudo zypper install feroxbuster
  • License: MIT
  • Category: Productivity/Networking/Diagnostic
  • Architecture: x86_64
  • Source Package: feroxbuster
  • 3 dependencies
  • 1 provides
  • normalized package name match
  • Matched by: Feroxbuster
openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: feroxbuster from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst
zypper95%

feroxbuster-bash-completion 2.13.1-1.4

Bash Completion for feroxbuster

https://epi052.github.io/feroxbuster-docs/

sudo zypper install feroxbuster-bash-completion
  • License: MIT
  • Category: Productivity/Networking/Diagnostic
  • Architecture: noarch
  • Source Package: feroxbuster
  • 2 dependencies
  • 1 provides
  • normalized package name match
  • Matched by: Feroxbuster
openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: feroxbuster-bash-completion from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst
Scoop95%

main/feroxbuster

scoop install main/feroxbuster
  • normalized package name match
  • Matched by: Feroxbuster
Scoop official bucket manifest trees · api.github.com · Scoop official bucket manifest trees: bucket/feroxbuster.json from https://api.github.com/repos/ScoopInstaller/Main/git/trees/master?recursive=1
winget95%

epi052.feroxbuster

winget install --id epi052.feroxbuster -e
  • normalized package name match
  • Matched by: Feroxbuster
Windows Package Manager source index · cdn.winget.microsoft.com · Windows Package Manager source index: epi052.feroxbuster from https://cdn.winget.microsoft.com/cache/source.msix

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment