<img src="static/logo.png" alt="dirsearch" width="675px">
dirsearch - Web path discovery
=========
<a href="https://twitter.com/intent/tweet?text=dirsearch%20-%20Web%20path%20scanner%20by%20@_maurosoria%0A%0Ahttps://github.com/maurosoria/dirsearch">
</a>
**Current Release: v0.4.2 (2021.9.12)**
An advanced command-line tool designed to brute force directories and files in webservers, AKA web path scanner
**dirsearch** is being actively developed by [@maurosoria](https://twitter.com/_maurosoria) and [@shelld3v](https://twitter.com/shells3c_)
Table of Contents
------------
* [Installation](#installation--usage)
* [Wordlists](#wordlists-important)
* [Options](#options)
* [Configuration](#configuration)
* [How to use](#how-to-use)
* [Simple usage](#simple-usage)
* [Pausing progress](#pausing-progress)
* [Recursion](#recursion)
* [Threads](#threads)
* [Prefixes / Suffixes](#prefixes--suffixes)
* [Blacklist](#blacklist)
* [Filters](#filters)
* [Raw request](#raw-request)
* [Wordlist formats](#wordlist-formats)
* [Exclude extensions](#exclude-extensions)
* [Scan sub-directories](#scan-sub-directories)
* [Proxies](#proxies)
* [Reports](#reports)
* [More example commands](#more-example-commands)
* [Support Docker](#support-docker)
* [Install Docker Linux](#install-docker-linux)
* [Build Image dirsearch](#build-image-dirsearch)
* [Using dirsearch](#using-dirsearch)
* [References](#references)
* [Tips](#tips)
* [Contribution](#contribution)
* [License](#license)
Installation & Usage
------------
**Requirement: python 3.7 or higher**
Choose one of these installation options:
- Install with git: `git clone https://github.com/maurosoria/dirsearch.git --depth 1` (RECOMMENDED)
- Install with ZIP file: [Download here](https://github.com/maurosoria/dirsearch/archive/master.zip)
- Install with Docker: `docker build -t "dirsearch:v0.4.2" .` (more information can be found [here](https://github.com/maurosoria/dirsearch#support-docker))
- Install with PyPi: `pip3 install dirsearch`
- Install with Kali Linux: `sudo apt-get install dirsearch` (deprecated)
Wordlists (IMPORTANT)
---------------
**Summary:**
- Wordlist is a text file, each line is a path.
- About extensions, unlike other tools, dirsearch only replaces the `%EXT%` keyword with extensions from **-e** flag.
- For wordlists without `%EXT%` (like [SecLists](https://github.com/danielmiessler/SecLists)), **-f | --force-extensions** switch is required to append extensions to every word in wordlist, as well as the `/`.
- To apply your extensions to wordlist entries that have extensions already, use **-O** | **--overwrite-extensions** (Note: some extensions are excluded from being overwritted such as *.log*, *.json*, *.xml*, ... or media extensions like *.jpg*, *.png*)
- To use multiple wordlists, you can separate your wordlists with commas. Example: `wordlist1.txt,wordlist2.txt`.
**Examples:**
- *Normal extensions*:
```
index.%EXT%
```
Passing **asp** and **aspx** as extensions will generate the following dictionary:
```
index
index.asp
index.aspx
```
- *Force extensions*:
```
admin
```
Passing **php** and **html** as extensions with **-f**/**--force-extensions** flag will generate the following dictionary:
```
admin
admin.php
admin.html
admin/
```
- *Overwrite extensions*:
```
login.html
```
Passing **jsp** and **jspa** as extensions with **-O**/**--overwrite-extensions** flag will generate the following dictionary:
```
login.html
login.jsp
login.jspa
```
Options
-------
```
Usage: dirsearch.py [-u|--url] target [-e|--extensions] extensions [options]
Options:
--version show program's version number and exit
-h, --help show this help message and exit
Mandatory:
-u URL, --url=URL Target URL(s), support multiple flags
-l PATH, --url-file=PATH
URL list file
--stdin Read URL(s) from STDIN
--cidr=CIDR Target CIDR
--raw=PATH Load raw HTTP request from file (use `--scheme` flag
to set the scheme)
-s SESSION_FILE, --session=SESSION_FILE
Session file
--config=PATH Full path to config file, see 'default.conf' for
example (Default: default.conf)
Dictionary Settings:
-w WORDLIST, --wordlists=WORDLIST
Customize wordlists (separated by commas)
-e EXTENSIONS, --extensions=EXTENSIONS
Extension list separated by commas (e.g. php,asp)
-f, --force-extensions
Add extensions to the end of every wordlist entry. By
default dirsearch only replaces the %EXT% keyword with
extensions
-O, --overwrite-extensions
Overwrite other extensions with your extensions
(selected via `-e`)
--exclude-extensions=EXTENSIONS
Exclude extension list separated by commas (e.g.
asp,jsp)
--remove-extensions
Remove extensions in all paths (e.g. admin.php ->
admin)
--prefixes=PREFIXES
Add custom prefixes to all wordlist entries (separated
by commas)
--suffixes=SUFFIXES
Add custom suffixes to all wordlist entries, ignore
directories (separated by commas)
-U, --uppercase Uppercase wordlist
-L, --lowercase Lowercase wordlist
-C, --capital Capital wordlist
General Settings:
-t THREADS, --threads=THREADS
Number of threads
-r, --recursive Brute-force recursively
--deep-recursive Perform recursive scan on every directory depth (e.g.
api/users -> api/)
--force-recursive Do recursive brute-force for every found path, not
only directories
-R DEPTH, --max-recursion-depth=DEPTH
Maximum recursion depth
--recursion-status=CODES
Valid status codes to perform recursive scan, support
ranges (separated by commas)
--subdirs=SUBDIRS Scan sub-directories of the given URL[s] (separated by
commas)
--exclude-subdirs=SUBDIRS
Exclude the following subdirectories during recursive
scan (separated by commas)
-i CODES, --include-status=CODES
Include status codes, separated by commas, support
ranges (e.g. 200,300-399)
-x CODES, --exclude-status=CODES
Exclude status codes, separated by commas, support
ranges (e.g. 301,500-599)
--exclude-sizes=SIZES
Exclude responses by sizes, separated by commas (e.g.
0B,4KB)
--exclude-texts=TEXTS
Exclude responses by texts, separated by commas (e.g.
'Not found', 'Error')
--exclude-regex=REGEX
Exclude responses by regex (e.g. '^Error$')
--exclude-redirect=STRING
Exclude responses if this regex (or text) matches
redirect URL (e.g. '/index.html')
--exclude-response=PATH
Exclude responses similar to response of this page,
path as input (e.g. 404.html)
--skip-on-status=CODES
Skip target wheneve
dirsearch-master.zip
3星 · 超过75%的资源 需积分: 50 29 浏览量
2022-06-25
20:59:54
上传
评论
收藏 194KB ZIP 举报 
dirsearch-master.zip (88个子文件) 
dirsearch-master 
Dockerfile 268B default.conf 2KB .gitignore 88B setup.cfg 40B README.md 22KB dirsearch.py 2KB CONTRIBUTORS.md 3KB CHANGELOG.md 4KB .github workflows ci.yml 2KB semgrep-analysis.yml 2KB codeql-analysis.yml 2KB pull_request_template.md 284B FUNDING.yml 66B ISSUE_TEMPLATE bug_report.md 367B ask_question.md 323B feature_request.md 218B tests utils test_schemedet.py 1KB test_random.py 1KB test_diff.py 1KB __init__.py 0B test_mimetype.py 1KB test_common.py 1KB reports __init__.py 0B test_reports.py 3KB parse test_headers.py 1KB test_url.py 1KB __init__.py 0B __init__.py 0B connection test_dns.py 1KB __init__.py 0B db 
400_blacklist.txt 147B 500_blacklist.txt 53B dicc.txt 137KB 403_blacklist.txt 255B user-agents.txt 5KB static 
logo.png 58KB pause.png 8KB testing.py 1KB __init__.py 85B requirements.txt 288B setup.py 1KB lib utils diff.py 2KB common.py 2KB schemedet.py 1KB mimetype.py 2KB __init__.py 0B file.py 3KB random.py 1KB pickle.py 2KB reports base.py 1KB plain_text_report.py 1KB csv_report.py 1KB markdown_report.py 2KB html_report.py 2KB __init__.py 0B xml_report.py 2KB simple_report.py 984B json_report.py 1KB sqlite_report.py 2KB templates 
html_report_template.html 7KB parse config.py 2KB cmdline.py 14KB url.py 1KB __init__.py 0B rawrequest.py 1KB headers.py 2KB controller controller.py 21KB __init__.py 0B output verbose.py 6KB colors.py 2KB __init__.py 0B silent.py 1KB __init__.py 0B connection dns.py 1KB __init__.py 0B requester.py 10KB response.py 2KB core exceptions.py 1015B logger.py 1KB dictionary.py 7KB settings.py 3KB structures.py 1KB installation.py 2KB __init__.py 0B fuzzer.py 7KB decorators.py 2KB scanner.py 6KB options.py 12KB
评论1