Recon Tool: WaybackLister

Reading Time: 2 Minutes

WaybackLister

WaybackLister, developed by anmolksachan, is a reconnaissance tool that taps into the Wayback Machine to fetch historical URLs for a domain, parses unique paths, and checks if any of those paths currently expose directory listings. It’s fast, multithreaded, and built for practical use in security assessments and bug bounty recon.

Features

• Pulls archived URLs via the Wayback Machine
• Extracts unique paths and subdomains from those URLs
• Actively checks for live directory listings
• Supports multithreaded scanning
• Can auto-discover subdomains based on Wayback data
• Works with single domain or list of domains

Installation

Clone the repo and you’re good to go:

git clone https://github.com/anmolksachan/wayBackLister.git

cd wayBackLister

pip install -r requirements.txt -> To be updated

Usage

Scan a Single Domain

python waybacklister.py -d example.com

Scan Multiple Domains from a File

python waybacklister.py -f domains.txt

Auto-discover and Scan Subdomains [Module Under Development]

python waybacklister.py -auto example.com

Custom Thread Count

python waybacklister.py -d example.com -t 20

Example Output

Example

Requirements

• Python 3.6+
• requests
• argparse

Install dependencies with:

pip install -r requirements.txt

Why this Tool?

Sometimes, old URLs archived by the Wayback Machine lead to interesting places—especially when they still work. Directory listings can reveal sensitive files, backups, or even forgotten admin panels. WaybackLister helps you find them in a systematic and scriptable way.

Disclaimer

This tool is meant for educational and authorized security testing only. Don’t use it on systems you don’t have permission to test.

Clone the repo from here: GitHub Link