Dirsearch

To find known misconfigurations, juicy APIs or endpoints, sensitive data exposure, config file, etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints. With web path fuzzing you can find a lot of juicy data that can’t be find on google search.

Web path scanner to find endpoins, juicy data, sensitive files, config and more.

Installation & Usage

Requirement: python 3.7 or higher

Choose one of these installation options:

Install with git: git clone https://github.com/maurosoria/dirsearch.git --depth 1 (RECOMMENDED)
Install with ZIP file: Download here
Install with Docker: docker build -t "dirsearch:v0.4.3" . (more information can be found here)
Install with PyPi: pip3 install dirsearch or pip install dirsearch
Install with Kali Linux: sudo apt-get install dirsearch (deprecated)

Wordlists (IMPORTANT)

Summary:

Wordlist is a text file, each line is a path.
About extensions, unlike other tools, dirsearch only replaces the %EXT% keyword with extensions from -e flag.
For wordlists without %EXT% (like SecLists), -f | –force-extensions switch is required to append extensions to every word in wordlist, as well as the /.
To apply your extensions to wordlist entries that have extensions already, use -O | –overwrite-extensions (Note: some extensions are excluded from being overwritted such as .log, .json, .xml, … or media extensions like .jpg, .png)
To use multiple wordlists, you can separate your wordlists with commas. Example: wordlist1.txt,wordlist2.txt.

Configuration

By default, config.ini inside your dirsearch directory is used as the configuration file but you can select another file via --config flag or DIRSEARCH_CONFIG environment variable.

How to use

Dirsearch - Web Content Fuzzing Scanner to find juicy APIs or endpoints, sensitive data exposure, config file

Simple usage

python3 dirsearch.py -u https://target

python3 dirsearch.py -e php,html,js -u https://target

python3 dirsearch.py -e php,html,js -u https://target -w /path/to/wordlist

Pausing progress

dirsearch allows you to pause the scanning progress with CTRL+C, from here, you can save the progress (and continue later), skip the current target, or skip the current sub-directory.

Dirsearch - Web Directory Fuzzing to Find Web Sensitive Files, Data Leaks, User Files

Filters

Use -i | –include-status and -x | –exclude-status to select allowed and not allowed response status-codes

For more advanced filters: –exclude-sizes, –exclude-texts, –exclude-regexps, –exclude-redirects and –exclude-response

python3 dirsearch.py -e php,html,js -u https://target –exclude-texts “403 Forbidden”

python3 dirsearch.py -e php,html,js -u https://target –exclude-regexps “^Error$”

python3 dirsearch.py -e php,html,js -u https://target –exclude-status 403,404,500

Download Dirsearch

Dirsearch – Web Content Discovery Scanner

Dirsearch

Installation & Usage

Wordlists (IMPORTANT)

Configuration

How to use

Pausing progress

Filters

Leave a Reply Cancel reply

WHID Injector – Plug And Hack Anything With USB

Sudomy – Tool To Analyze Domains and Collect Subdomains in Fast and Comprehensive Way

BurpSuite Asset Discover – Burp Suite Extension to Discover Assets From HTTP Response

Emagnet – Tool For Find Leaked Databases With 97.1% Accurate to Grab Mail + Password Together From Pastebin Leaks

Mitaka – Browser Extension For OSINT Search

OpenRedireX – Open Redirect Scanner and Fuzzer Tool

Mantra – Tool to Find API key Leaks in JS Files & Pages

Bypass 403 – Simple Script For Bypassing 403 Forbidden Response

Burpgpt – Integrate OpenAI GPT with Burp Suite to Discover Highly Bespoke Vulnerabilities

LinkedInDumper – Extract Company Employees Data from LinkedIn

Dirsearch

Installation & Usage

Wordlists (IMPORTANT)

Configuration

How to use

Pausing progress

Filters

IntruderPayloads – Collection of Burpsuite Intruder Payloads For Bug Hunting

MetaFinder – Tool for Searching Documents in a Domain

You May Also Like

Leave a Reply Cancel reply