To find known misconfigurations, juicy APIs or endpoints, sensitive data exposure, config file, etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints. With web path fuzzing you can find a lot of juicy data that can’t be find on google search.
Web path scanner to find endpoins, juicy data, sensitive files, config and more.
Installation & Usage
Requirement: python 3.7 or higher
Choose one of these installation options:
- Install with git:
git clone https://github.com/maurosoria/dirsearch.git --depth 1(RECOMMENDED)
- Install with ZIP file: Download here
- Install with Docker:
docker build -t "dirsearch:v0.4.3" .(more information can be found here)
- Install with PyPi:
pip3 install dirsearchor
pip install dirsearch
- Install with Kali Linux:
sudo apt-get install dirsearch(deprecated)
- Wordlist is a text file, each line is a path.
- About extensions, unlike other tools, dirsearch only replaces the
%EXT%keyword with extensions from -e flag.
- For wordlists without
%EXT%(like SecLists), -f | –force-extensions switch is required to append extensions to every word in wordlist, as well as the
- To apply your extensions to wordlist entries that have extensions already, use -O | –overwrite-extensions (Note: some extensions are excluded from being overwritted such as .log, .json, .xml, … or media extensions like .jpg, .png)
- To use multiple wordlists, you can separate your wordlists with commas. Example:
config.ini inside your dirsearch directory is used as the configuration file but you can select another file via
--config flag or
DIRSEARCH_CONFIG environment variable.
How to use
dirsearch allows you to pause the scanning progress with CTRL+C, from here, you can save the progress (and continue later), skip the current target, or skip the current sub-directory.
Use -i | –include-status and -x | –exclude-status to select allowed and not allowed response status-codes
For more advanced filters: –exclude-sizes, –exclude-texts, –exclude-regexps, –exclude-redirects and –exclude-response