🚀 DS-Xtractor

Secure .DS_Store Reconnaissance & Extraction Tool

DS-Xtractor is a powerful security reconnaissance tool designed to discover, parse, and recursively enumerate exposed .DS_Store files on web servers.
It helps security researchers and penetration testers identify unintended file and directory disclosures.

✨ Features

✅ Recursive .DS_Store enumeration
✅ Automatic directory & file discovery
✅ GUI + CLI support
✅ Saves discovered files locally
✅ Auto ZIP evidence generation
✅ Adjustable recursion depth
✅ Rate limiting & timeout control
✅ SSL verification toggle
✅ Redirect handling
✅ Clean tree-based file explorer
✅ Real-time logs & progress
✅ Cross-platform support
✅ Offline parsing support
✅ Safe & structured output

⚙️ Installation

🔹 Requirements

• Python 3.8+
• pip
• Internet access (for scanning)

🔹 Install dependencies

pip install -r requirements.txt

🖥️ Usage

▶ GUI Mode

python DS-Xtractor.py --gui

Launches a full graphical interface with:

• Scan controls
• Logs
• File tree explorer
• ZIP export
• Backup browser

💻 CLI Mode

┌────────────────────────────────────────────────────────────────────────────────────────┐
│  ________    _________         ____  ___ __                        __                  │
│  \______ \  /   _____/         \   \/  //  |_____________    _____/  |_  ___________   │
│   |    |  \ \_____  \   ______  \     /\   __\_  __ \__  \ _/ ___\   __\/  _ \_  __ \  │
│   |    `   \/        \ /_____/  /     \ |  |  |  | \// __ \\  \___|  | (  <_> )  | \/  │
│  /_______  /_______  /         /___/\  \|__|  |__|  (____  /\___  >__|  \____/|__|     │
│          \/        \/                \_/                 \/     \/                     │
│                                    Version: v2.0.1                                     │
│                                 Author: AggressiveUser                                 │
│                   Secure .DS_Store Reconnaissance & Extraction Tool.                   │
└────────────────────────────────────────────────────────────────────────────────────────┘
usage: DS-Xtractor.py [-h] [--gui] [--depth DEPTH] [--timeout TIMEOUT] [--rate RATE] [--follow-redirects] [--ignore-ssl] [url]

DS-Xtractor - .DS_Store Reconnaissance & Extraction Tool

Example: python DS-Xtractor.py https://example.com/path/.ds_store --ignore-ssl

positional arguments:
  url                 Target URL (required for CLI mode)

options:
  -h, --help          show this help message and exit
  --gui               Launch GUI mode
  --depth DEPTH       Maximum recursion depth (default: 5)
  --timeout TIMEOUT   Request timeout in seconds (default: 10)
  --rate RATE         Rate limit delay in seconds (default: 0.1)
  --follow-redirects  Follow HTTP redirects
  --ignore-ssl        Ignore SSL certificate errors

python DS-Xtractor.py https://target.com/.DS_Store --ignore-ssl

📸 Screenshots

Perfect for VAPT reports & audit evidence ✅

🧪 Supported Use Cases

• Web application security testing
• Bug bounty reconnaissance
• Misconfigured server discovery
• .DS_Store exposure analysis
• Educational & research purposes
• Red team / blue team assessments

👥 Team

Name	Role	Links
Chetanya Sharma (AggressiveUser)	Lead Developer / Security Researcher	GitHub : : LinkedIn
Harkirat Singh	UI/UX Designer / Lead Dev	NA
Ashish Sharma	QA & Documentation	LinkedIn

⚠️ Disclaimer

This tool is intended strictly for authorized security testing, educational research, and ethical use only.

❌ Do NOT scan systems without explicit permission.

The authors are not responsible for misuse, damage, or illegal activity performed using this tool.

🧾 License

This project is licensed under the MIT License — feel free to use, modify, and distribute with attribution.

⭐ Support the Project

If you find this useful:

• ⭐ Star the repository

• 🐞 Report issues

• 🧩 Submit pull requests

• 💬 Share feedback