I’d like to distribute
feroxbuster as a snap package.
feroxbuster is a tool designed to perform Forced Browsing.
Forced browsing aims to enumerate and access resources that are not referenced by the web application, but are still accessible by an attacker.
feroxbuster uses brute force combined with a wordlist to search for unlinked content in target directories. These resources may store sensitive information about web applications and operational systems, such as source code, credentials, internal network addressing, etc…
In order to provide different levels of configuration, feroxbuster searches for a config file in the following locations:
- The same directory as the feroxbuster executable
- The user’s current working directory
CONFIG_DIR is defined as the following:
With no way of knowing which config location a user has chosen based on previous installs (all are simultaneously valid and have an order precedence), I’m requesting auto-connect permission for the two narrowly scoped directories
Below is an excerpt from my snapcraft.yaml
plugs: etc-config: interface: system-files read: - /etc/feroxbuster dot-config: interface: personal-files read: - $HOME/.config/feroxbuster
This is my first time creating a snap/requesting an access like this. Thank you for your time and patience!