PentestPilot/bin/web/backup_hunter.sh

#!/usr/bin/env bash
set -euo pipefail

base=${1:-}
[[ -z "$base" ]] && { echo "Usage: $(basename "$0") <base-url> [list-of-paths.txt]" >&2; exit 1; }
list=${2:-}

paths=(index.php index.html config.php config.php~ config.php.bak .env .env.bak .git/HEAD .svn/entries backup.zip backup.tar.gz db.sql db.sql.gz site.zip wp-config.php wp-config.php~ robots.txt)
if [[ -n "$list" && -f "$list" ]]; then
  mapfile -t extra < "$list"; paths+=("${extra[@]}")
fi

for p in "${paths[@]}"; do
  url="${base%/}/$p"
  code=$(curl -sk -o /dev/null -m 6 -w "%{http_code}" "$url" || true)
  if [[ "$code" != "404" && "$code" != "000" ]]; then
    size=$(curl -skI "$url" | awk -F': ' 'tolower($1)=="content-length"{print $2}' | tr -d '\r')
    echo -e "[+] $code\t$size\t$url"
  fi
done