Dirsearch – Web Content Discovery Scanner

Dirsearch - Web Content Discovery Scanner to find juicy APIs or endpoints, sensitive data exposure, config file

Dirsearch finds known misconfigurations, juicy APIs or endpoints, sensitive data exposure, config files, etc. It can be used as part of web content discovery, to scan passively for high-quality endpoints. With web path fuzzing you can find a lot of juicy data that can't be found with a Google search.

Dirsearch

Web path scanner to find endpoints, juicy data, sensitive files, config and more.

Installation & Usage

Requirement: Python 3.7 or higher

Choose one of these installation options:

  • Install with git: git clone https://github.com/maurosoria/dirsearch.git --depth 1 (RECOMMENDED)
  • Install with ZIP file: Download here
  • Install with Docker: docker build -t "dirsearch:v0.4.3" . (more information can be found here)
  • Install with PyPi: pip3 install dirsearch or pip install dirsearch
  • Install with Kali Linux: sudo apt-get install dirsearch (deprecated)

Wordlists (IMPORTANT)

Summary:

  • Wordlist is a text file, each line is a path.
  • About extensions: unlike other tools, dirsearch only replaces the %EXT% keyword with extensions from the -e flag.
  • For wordlists without %EXT% (like SecLists), the -f | --force-extensions switch is required to append extensions to every word in the wordlist, as well as the /.
  • To apply your extensions to wordlist entries that already have extensions, use -O | --overwrite-extensions (Note: some extensions are excluded from being overwritten, such as .log, .json, .xml, … or media extensions like .jpg, .png)
  • To use multiple wordlists, you can separate your wordlists with commas. Example: wordlist1.txt,wordlist2.txt.
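
The expansion rules summarised above, modelled in Python so you can preview which paths a wordlist will turn into before scanning a site you are responsible for. This is an added example, not dirsearch's own code: the function name, the sample wordlist, the choice to keep each original entry alongside its variants, and the protected-extension set (limited to the extensions named above) are assumptions.

```python
import os

# Only the protected extensions named above; the tool's real list is longer.
KEEP_EXTENSIONS = {"log", "json", "xml", "jpg", "png"}

# Constructed sample wordlist: one path per line.
SAMPLE = ["index.%EXT%", "admin", "login.html", "debug.log", "uploads/"]


def expand_wordlist(lines, extensions, force=False, overwrite=False):
    """Simplified model of -e / -f / -O expansion; returns paths in order."""
    paths = []

    def add(path):
        if path not in paths:  # de-duplicate, keep first-seen order
            paths.append(path)

    for raw in lines:
        word = raw.strip()
        if not word:
            continue
        if "%EXT%" in word:
            # -e: the keyword is the only thing replaced by default
            for ext in extensions:
                add(word.replace("%EXT%", ext))
            continue
        add(word)  # assumption: the original entry is always kept
        if word.endswith("/"):
            continue
        stem, dot_ext = os.path.splitext(word)
        current = dot_ext[1:].lower()
        if current:
            # -O: swap an existing extension unless it is protected
            if overwrite and current not in KEEP_EXTENSIONS:
                for ext in extensions:
                    add(f"{stem}.{ext}")
        elif force:
            # -f: append every extension, plus the directory form
            for ext in extensions:
                add(f"{word}.{ext}")
            add(word + "/")
    return paths


if __name__ == "__main__":
    for flags in ({}, {"force": True}, {"overwrite": True}):
        print(flags, expand_wordlist(SAMPLE, ["php", "js"], **flags))
```

Comparing the three outputs shows why a SecLists-style wordlist produces no extension variants unless -f is given.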

Configuration

By default, config.ini inside your dirsearch directory is used as the configuration file, but you can select another file via the --config flag or the DIRSEARCH_CONFIG environment variable.

How to use


Simple usage

python3 dirsearch.py -u https://target

python3 dirsearch.py -e php,html,js -u https://target

python3 dirsearch.py -e php,html,js -u https://target -w /path/to/wordlist

Pausing progress

dirsearch allows you to pause the scanning progress with CTRL+C. From here, you can save the progress (and continue later), skip the current target, or skip the current sub-directory.


Filters

Use -i | --include-status and -x | --exclude-status to select allowed and not allowed response status codes.

For more advanced filters: --exclude-sizes, --exclude-texts, --exclude-regexps, --exclude-redirects and --exclude-response

python3 dirsearch.py -e php,html,js -u https://target --exclude-texts "403 Forbidden"

python3 dirsearch.py -e php,html,js -u https://target --exclude-regexps "^Error$"

python3 dirsearch.py -e php,html,js -u https://target --exclude-status 403,404,500

