TProx is a fast reverse proxy path traversal detector and directory bruteforcer

InstallUsageExamplesJoin Discord

Install Options

From Source

▶  GO111MODULE=on go get -v


▶  git clone && cd tprox && docker build -t tprox .


▶ tprox -h

▶  docker run tprox -h

This will display help for the tool. Here are all the switches it supports.

tprox help menu


Usage of ./tprox:
  -c int
        The number of concurrent requests (default 10)
        crawl the resolved domain while testing for proxy misconfigs
  -depth int
        The crawl depth (default 5)
  -o string
        Output the results to a file
        This flag will allow you to turn on the progress bar
  -regex string
        Filter crawl with regex pattern
  -s    Show Silent output
  -scope string
        Specify a scope to crawl with in using regexs
        This flag will allow you to turn on traversing
  -w string
        The wordlist to use against a valid endpoint to traverse


echo "" | tprox -w wordlist -traverse

echo "" | tprox -w wordlist -crawl -traverse

echo "" | tprox -w wordlist -crawl -traverse -regex "/api/"

echo "" | tprox -w wordlist -crawl -traverse -regex "/api/" -scope ".*.\"



  • Added some additional flags to help aid finding traversal misconfigurations
  • Optimised the crawler
  • Added a flag to disable/enable the progress bar
  • Fixed the silent flag


  • Fixed a crawling bug.
  • Fixed a traversal bug, it now only prints internal files & endpoints very low % of false positives.
  • Made some optimization fixes.

Known Fixes

if for some reason the program fails to install or update run:

<div class="highlight highlight-source-shell position-relative" data-snippet-clipboard-copy-content="sudo rm -r /home//go/pkg/mod/
go clean –modcache
go clean

sudo rm -r /home/<user-name>/go/pkg/mod/
go clean --modcache
go clean