DirSearch - Website Directory Scanner

DirSearch - Website Directory Scanner

DirSearch is a simple command line tool designed to brute force directories and files in websites.

Operating Systems Supported:

  • Windows XP/7/8/10
  • GNU/Linux
  • MacOSX


  • Multithreaded
  • Keep alive connections
  • Support for multiple extensions (-e|--extensions asp,php)
  • Reporting (plain text, JSON)
  • Heuristically detects invalid web pages
  • Recursive brute forcing
  • HTTP proxy support
  • User agent randomization
  • Batch processing
  • Request delaying


Usage: dirsearch.py [-u|--url] target [-e|--extensions] extensions [options]

  -h, --help            show this help message and exit

    -u URL, --url=URL   URL target
    -L URLLIST, --url-list=URLLIST
                        URL list target
    -e EXTENSIONS, --extensions=EXTENSIONS
                        Extension list separated by comma (Example: php,asp)

  Dictionary Settings:
    -w WORDLIST, --wordlist=WORDLIST
    -l, --lowercase
    -f, --force-extensions
                        Force extensions for every wordlist entry (like in

  General Settings:
    -s DELAY, --delay=DELAY
                        Delay between requests
    -r, --recursive     Bruteforce recursively
    --suppress-empty, --suppress-empty
    --scan-subdir=SCANSUBDIRS, --scan-subdirs=SCANSUBDIRS
                        Scan subdirectories of the given -u|--url (separated
                        by comma)
    --exclude-subdir=EXCLUDESUBDIRS, --exclude-subdirs=EXCLUDESUBDIRS
                        Exclude the following subdirectories during recursive
                        scan (separated by comma)
                        Number of Threads
                        Exclude status code, separated by comma (example: 301,
    -c COOKIE, --cookie=COOKIE
    --ua=USERAGENT, --user-agent=USERAGENT
    -F, --follow-redirects
    -H HEADERS, --header=HEADERS
                        Headers to add (example: --header "Referer:
                        example.com" --header "User-Agent: IE"
    --random-agents, --random-user-agents

  Connection Settings:
    --timeout=TIMEOUT   Connection timeout
    --ip=IP             Resolve name to IP address
    --proxy=HTTPPROXY, --http-proxy=HTTPPROXY
                        Http Proxy (example: localhost:8080
    -b, --request-by-hostname
                        By default dirsearch will request by IP for speed.
                        This forces requests by hostname

                        Only found paths
                        Found paths with status codes
Dictionaries must be text files. Each line will be processed as such, except that the special word %EXT% is used, which will generate one entry for each extension (-e | --extension) passed as an argument.

  • example/
  • example.%EXT%

Passing the extensions "asp" and "aspx" will generate the following dictionary:
  • example/
  • example.asp
  • example.aspx

You can also use -f | --force-extensions switch to append extensions to every word in the wordlists (like DirBuster).

No comments

Powered by Blogger.