dirsearch is a simple command line tool designed to brute force directories and files in websites.
https://github.com/maurosoria/dirsearch
Installation
1. Download the source code
- git clone https://github.com/maurosoria/dirsearch.git
- ls
- cd dirsearch/
- ls
2. To execute the program
- ./dirsearch.py
- python3 dirsearch.py
How to use
1. Display the help menu
- ./dirsearch.py –help
Search
-w = Customize wordlist (separated by comma)
-e = Extension list separated by comma (Example: php,asp)
-u = URL to scan
- ./dirsearch.py -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -e php -u http://bank.htb
2. Using a list of URLs use -L
- ./dirsearch.py -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -e php -L url_list.txt
3. Using predefined list of extensions
-E = Use predefined list of common extensions
- ./dirsearch.py -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -E -L url_list.txt
4. Enable recursion and for extensions
-f = Force extensions for every wordlist entry
-r = Bruteforce recursively
- ./dirsearch.py -rf -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -E -L url_list.txt
Set the level of recursion
-R = Max recursion level (subdirs) (Default: 1 [only rootdir + 1 dir])
- ./dirsearch.py -r -R 3 -f -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -E -L url_list.txt
5. Increasing the number of threats (not recommended)
-t = Number of Threads
- ./dirsearch.py -rf -t 5 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -E -L url_list.txt
6. Excluding status code
-x = Exclude status code, separated by comma (example: 301, 500)
- ./dirsearch.py -rf -x 200 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -E -L url_list.txt
7. Set a cookie, and send the requests to BurpSuite
–proxy=127.0.0.1:8080 = Http Proxy (example: localhost:8080)
-c = Set a cookie
- ./dirsearch.py -rf -c HTBBankAuth=cfj5qnhq8br2si58l7pm9q5j56 –proxy=127.0.0.1:8080 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -E -L url_list.txt
8. Spoofing User-Agent
–ua = User agent text
- ./dirsearch.py -rf –ua=”Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1″ –proxy=127.0.0.1:8080 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -E -L url_list.txt
9. Use a different method for the scan
–http-method = Method to use, default: GET, possible also: HEAD;POST
- ./dirsearch.py -rf –http-method=POST –proxy=127.0.0.1:8080 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -E -L url_list.txt
10. Follow redirects
-F = follow redirects
- ./dirsearch.py -F -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -E -L url_list.txt
11. Writing results to a file
- ./dirsearch.py –plain-text-report=result.txt -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -E -L url_list.txt
- cat results.txt