Web Application Analysis | web, bruteforce, directory, scanner, fuzzer, recon

dirsearch

dirsearch is a command-line tool designed to brute-force directories and files on web servers. It offers complex web content discovery with multiple wordlist options, high accuracy, impressive performance, and advanced features.

Description

dirsearch is a feature-rich web path scanner that performs brute-force attacks against web servers to discover hidden directories and files. It supports various wordlist sources, extensions, and modern brute-force techniques, making it suitable for comprehensive web reconnaissance during penetration testing and security assessments.

The tool excels in high-performance scanning with configurable threads, recursive brute-forcing, and advanced request customization including HTTP methods, headers, and proxies. Users can tailor scans for specific needs, such as targeting particular file extensions or crawling responses for additional paths.

dirsearch provides flexible output formats including JSON, XML, CSV, and HTML, along with logging capabilities. Its quiet mode and customizable display options make it suitable for both interactive use and automated security testing pipelines.

How It Works

dirsearch performs brute-force scanning by systematically requesting combinations of dictionary words and file extensions against target web servers. It uses multi-threading for high performance, supports recursive scanning of discovered directories, and employs advanced techniques like forced extensions and deep recursion. The tool handles HTTP methods beyond GET, custom headers/data, proxy chains, and connection controls like timeouts and delays. Response analysis identifies valid paths through status codes and content signatures, with optional crawling of responses for additional discovery.
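
Seen from the server side, the scanning pattern described above shows up in access logs as one client requesting many distinct paths in a short time, most of them answered with 404. The following is an added example, not code from dirsearch or from this page: it assumes Combined Log Format access logs, and the function names, thresholds and sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Assumed input: Combined Log Format, ip - - [time] "METHOD path PROTO" status ...
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"[A-Z]+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def parse(line):
    m = LOG_RE.match(line)
    if not m:
        return None  # skip lines that are not in the assumed format
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["path"].split("?", 1)[0], int(m["status"])

def find_path_bruteforce(lines, window=timedelta(seconds=60),
                         min_paths=20, min_miss_ratio=0.8):
    """Return {ip: stats} for clients that request many distinct paths in one
    window with mostly 404 answers. Thresholds are assumed starting values."""
    by_ip = defaultdict(list)
    for ip, ts, path, status in filter(None, map(parse, lines)):
        by_ip[ip].append((ts, path, status))
    flagged = {}
    for ip, events in by_ip.items():
        events.sort(key=lambda e: e[0])
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # slide the window forward
            chunk = events[start:end + 1]
            paths = {p for _, p, _ in chunk}
            ratio = sum(s == 404 for _, _, s in chunk) / len(chunk)
            best = flagged.get(ip, {"distinct_paths": 0})["distinct_paths"]
            if len(paths) >= min_paths and ratio >= min_miss_ratio and len(paths) > best:
                # "found" lists the non-404 paths, i.e. what the scan discovered
                flagged[ip] = {"distinct_paths": len(paths), "miss_ratio": round(ratio, 2),
                               "found": sorted({p for _, p, s in chunk if s != 404})}
    return flagged

def sample_log():
    """Constructed sample: one scanning client and one ordinary visitor."""
    t0, fmt = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc), "%d/%b/%Y:%H:%M:%S %z"
    row = '{} - - [{}] "GET {} HTTP/1.1" {} 512 "-" "-"'
    words = ["admin", "backup", "config", "login", "test", "old", "dev", "api"]
    probes = [f"/{w}.{e}" for w in words for e in ("php", "asp", "bak")]
    lines = [row.format("203.0.113.7", (t0 + timedelta(seconds=i)).strftime(fmt), p,
                        200 if p == "/login.php" else 404) for i, p in enumerate(probes)]
    lines += [row.format("198.51.100.4", (t0 + timedelta(seconds=9 * i)).strftime(fmt), p, 200)
              for i, p in enumerate(["/", "/index.html", "/about", "/contact", "/"])]
    return lines
```

Calling `find_path_bruteforce(sample_log())` flags only the scanning client and lists the path it found, which is the first thing to review after such a scan. Slow scans that use `--delay` or several proxies stay under these per-client thresholds, so the window and counts need tuning per site.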

Installation

bash
sudo apt install dirsearch

Flags

-u URL, --url=URL                         Target URL(s), can use multiple flags
-l PATH, --url-file=PATH                  URL list file
--stdin                                   Read URL(s) from STDIN
--cidr=CIDR                               Target CIDR
--raw=PATH                                Load raw HTTP request from file (use `--scheme` flag to set the scheme)
-w WORDLISTS, --wordlists=WORDLISTS       Customize wordlists (separated by commas)
-e EXTENSIONS, --extensions=EXTENSIONS    Extension list separated by commas (e.g. php,asp)
-f, --force-extensions                    Add extensions to the end of every wordlist entry. By default dirsearch only replaces the %EXT% keyword with
-t THREADS, --threads=THREADS             Number of threads
-r, --recursive                           Brute-force recursively
--deep-recursive                          Perform recursive scan on every directory depth (e.g. api/users -> api/)
--force-recursive                         Do recursive brute-force for every found path, not only directories
-m METHOD, --http-method=METHOD           HTTP method (default: GET)
-d DATA, --data=DATA                      HTTP request data
--data-file=PATH                          File contains HTTP request data
-H HEADERS, --header=HEADERS              HTTP request header, can use multiple flags
--timeout=TIMEOUT                         Connection timeout
--delay=DELAY                             Delay between requests
--proxy=PROXY                             Proxy URL (HTTP/SOCKS), can use multiple flags
--proxy-file=PATH                         File contains proxy servers
--proxy-auth=CREDENTIAL                   Proxy authentication credential
--replay-proxy=PROXY                      Replay proxy
--crawl                                   Crawl for new paths in responses
--full-url                                Full URLs in the output (enabled automatically in quiet mode)
--redirects-history                       Show redirects history
--no-color                                No colored output
-q, --quiet-mode                          Quiet mode
-o PATH, --output=PATH                    Output file
--format=FORMAT                           Report format (Available: simple, plain, json, xml, md, csv, html, sqlite)
--log=PATH                                Log file

Examples

Show help message and usage information:
dirsearch -h

Scan single target URL for directories and files:
dirsearch -u http://example.com

Scan target with specific file extensions:
dirsearch -u http://example.com -e php,asp

Use custom wordlist for brute forcing:
dirsearch -u http://example.com -w /path/to/wordlist.txt

Scan with 50 threads for improved performance:
dirsearch -u http://example.com -t 50

Perform recursive brute-force scanning:
dirsearch -u http://example.com -r

Scan through specified proxy server:
dirsearch -u http://example.com --proxy http://proxy:8080

Save scan results to JSON file:
dirsearch -u http://example.com -o results.json --format=json

Updated 2026-04-16 | kali.org