• Join CraxPro and earn real money through our Credit Rewards System. Participate and redeem credits for Bitcoin/USDT. Start earning today!
    Read the detailed thread here

Dirsearch Detailed Usage Guide

Currently reading:
 Dirsearch Detailed Usage Guide

miracle123456

Member
LV
1
Joined
Oct 10, 2024
Threads
10
Likes
2
Awards
4
Credits
567©
Cash
0$

Introduction​

Dirsearch is an open-source, command-line-based web directory scanner designed to discover hidden directories and files on a web server. It is a fast and efficient tool often used in security assessments and penetration testing to identify sensitive files and paths that might not be easily visible. Dirsearch supports brute-forcing of directories and files and can be configured to use custom wordlists for targeted scanning.

This guide provides an in-depth overview of Dirsearch's installation, configuration, and usage, including detailed examples, common use cases, and troubleshooting steps.


Table of Contents​

  1. System Requirements
  2. Installation
  3. Basic Usage
    • Scanning a Single URL
    • Scanning with Custom Wordlist
    • Limiting Scan Depth
  4. Advanced Features
    • Recursive Scanning
    • HTTP Authentication
    • File Extensions and Custom Rules
  5. Configuration and Customization
    • Using Custom Wordlists
    • Configuring Rate Limits
    • Output Options
  6. Common Use Cases
    • Discovery of Hidden Files and Directories
    • Subdomain Scanning
  7. Troubleshooting
  8. Contributing
  9. License

1. System Requirements​

Dirsearch is a lightweight Python script, making it easy to run on most operating systems. The following system requirements are recommended for optimal performance:
  • Operating System: Linux, macOS, or Windows (with Python installed)
  • Python: Python 3.6+ (including all dependencies)
  • Memory: 1 GB RAM (2 GB or more recommended for large scans)
  • Disk Space: At least 50 MB free for installation and logs

2. Installation​

2.1 Installation via GitHub​

  1. Clone the repository: Dirsearch can be cloned directly from GitHub. Open a terminal and run:
    git clone https://github.com/maurosoria/dirsearch.git
  2. Navigate to the Dirsearch directory:
    cd dirsearch
  3. Install Python dependencies: Ensure that Python 3 and pip are installed, then install the necessary dependencies:
    pip3 install -r requirements.txt
  4. Verify the installation: To verify that Dirsearch is working correctly, run:
    python3 dirsearch.py -h

3. Basic Usage​

Dirsearch is very straightforward to use for basic directory scanning. Below are some of the most common commands for performing a scan.

3.1 Scanning a Single URL​

To begin a simple directory scan on a target URL:
python3 dirsearch.py -u http://example.com
This command will scan the http://example.com URL using the default wordlist, checking for common directories like /admin, /uploads, /images, etc.

3.2 Scanning with Custom Wordlist​

By default, Dirsearch uses a predefined wordlist, but you can use your own custom wordlist by specifying it with the -w option:
python3 dirsearch.py -u http://example.com -w /path/to/your/wordlist.txt

3.3 Limiting Scan Depth​

You can limit the depth of the scan, which controls how many levels of directories Dirsearch will scan. The -e option lets you set the file extensions to scan for, and -t sets the maximum number of threads.

To limit the scan depth to 2 levels and scan for .php, .html, and .txt files:
python3 dirsearch.py -u http://example.com -d 2 -e php,html,txt
  • -d: Limits the scan depth.
  • -e: Specify file extensions to scan.

4. Advanced Features​

Dirsearch comes with a variety of advanced features to help customize and fine-tune your directory scanning process.

4.1 Recursive Scanning​

By default, Dirsearch performs a one-time scan of the base URL. If you want Dirsearch to follow discovered directories recursively, use the -r option:
python3 dirsearch.py -u http://example.com -r
This will cause Dirsearch to scan any directories it discovers, making it more thorough in uncovering hidden paths.

4.2 HTTP Authentication​

If the target website is protected by basic HTTP authentication, you can provide the username and password with the -a option:
python3 dirsearch.py -u http://example.com -a "username:password"

4.3 File Extensions and Custom Rules​

Dirsearch supports scanning for specific file extensions or types by providing a custom list using the -e option. For example:
python3 dirsearch.py -u http://example.com -e php,asp,jsp
You can also configure custom rules for the scanner by modifying or creating additional rules files.

4.4 Limiting Request Rate​

To avoid overwhelming the target server or getting blocked, you can limit the number of requests per second using the --delay option:
python3 dirsearch.py -u http://example.com --delay 1

This will introduce a delay of 1 second between requests, slowing down the scan.


5. Configuration and Customization​

Dirsearch provides a variety of configuration options, allowing you to modify its behavior for specific needs.

5.1 Using Custom Wordlists​

Dirsearch supports custom wordlists that can be specified via the -w flag. Wordlists can be created or downloaded from multiple sources like:

For example, you can use a more comprehensive wordlist for a deeper scan:
python3 dirsearch.py -u http://example.com -w /path/to/large_wordlist.txt

5.2 Configuring Rate Limits​

You can control the scan's speed with the --rate option, specifying how many requests Dirsearch should make per second:
python3 dirsearch.py -u http://example.com --rate 10
This command limits the scan to 10 requests per second.

5.3 Output Options​

Dirsearch provides several output formats for reporting results. The following options are available:
  • Standard output: Displays the results in the terminal window.
  • JSON output: Outputs results in JSON format.
    python3 dirsearch.py -u http://example.com -o result.json
  • HTML output: Outputs results in an HTML file.
    python3 dirsearch.py -u http://example.com -o result.html
You can use the -o flag to specify the output file path.


6. Common Use Cases​

6.1 Discovery of Hidden Files and Directories​

Dirsearch is most commonly used for uncovering hidden directories and files within a web server. For example:
python3 dirsearch.py -u http://example.com -w /path/to/wordlist.txt -r
This will recursively scan for any potential hidden paths, useful for identifying configuration files, backup files, or directories like /admin or /config.

6.2 Subdomain Scanning​

To combine Dirsearch with other tools, you can first discover subdomains using tools like Sublist3r or Amass, then scan those subdomains for hidden paths:
python3 dirsearch.py -u http://subdomain.example.com -w /path/to/wordlist.txt
This allows for targeted directory scanning on multiple subdomains simultaneously.

6.3 Brute-forcing Web Application Paths​

When testing web applications for exposed files, Dirsearch can be used to brute-force common file paths like /backup, /admin, /uploads, etc.:
python3 dirsearch.py -u http://example.com -w /path/to/wordlist.txt
This will attempt to find paths corresponding to common misconfigurations or sensitive endpoints.


7. Troubleshooting​

Common Issues​

  • Connection Timeout: If Dirsearch is unable to connect to the target, ensure that the target is online and that your firewall allows outbound HTTP/S connections.
  • Permission Denied Errors: Ensure that you have permission to scan the target and that you are not violating any terms of service.
  • Scan Results Are Empty: If no directories or files are found, you may want to use a larger wordlist or check the target server for aggressive rate-limiting.

Debugging​

If you encounter issues with Dirsearch, you can enable debug mode to display additional output:
python3 dirsearch.py -u http://example.com --debug


8. Contributing​

Dirsearch is an open-source project, and contributions are welcome! If you find a bug or have an idea for a new feature, you can fork the repository, make changes, and submit a pull request. For more information on contributing, please refer to the CONTRIBUTING.md file on the GitHub repository.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Tips
Top Bottom