DirSearch - Website Directory Scanner

DirSearch - Website Directory Scanner

DirSearch is a simple command line tool designed to brute force directories and files in websites.

Operating Systems Supported:

  • Windows XP/7/8/10
  • GNU/Linux
  • MacOSX


  • Multithreaded
  • Keep alive connections
  • Support for multiple extensions (-e|--extensions asp,php)
  • Reporting (plain text, JSON)
  • Heuristically detects invalid web pages
  • Recursive brute forcing
  • HTTP proxy support
  • User agent randomization
  • Batch processing
  • Request delaying


Usage: dirsearch.py [-u|--url] target [-e|--extensions] extensions [options]

-h, --help show this help message and exit

-u URL, --url=URL URL target
-L URLLIST, --url-list=URLLIST
URL list target
Extension list separated by comma (Example: php,asp)

Dictionary Settings:
-w WORDLIST, --wordlist=WORDLIST
-l, --lowercase
-f, --force-extensions
Force extensions for every wordlist entry (like in

General Settings:
-s DELAY, --delay=DELAY
Delay between requests
-r, --recursive Bruteforce recursively
--suppress-empty, --suppress-empty
--scan-subdir=SCANSUBDIRS, --scan-subdirs=SCANSUBDIRS
Scan subdirectories of the given -u|--url (separated
by comma)
--exclude-subdir=EXCLUDESUBDIRS, --exclude-subdirs=EXCLUDESUBDIRS
Exclude the following subdirectories during recursive
scan (separated by comma)
Number of Threads
Exclude status code, separated by comma (example: 301,
-c COOKIE, --cookie=COOKIE
--ua=USERAGENT, --user-agent=USERAGENT
-F, --follow-redirects
Headers to add (example: --header "Referer:
example.com" --header "User-Agent: IE"
--random-agents, --random-user-agents

Connection Settings:
--timeout=TIMEOUT Connection timeout
--ip=IP Resolve name to IP address
--proxy=HTTPPROXY, --http-proxy=HTTPPROXY
Http Proxy (example: localhost:8080
-b, --request-by-hostname
By default dirsearch will request by IP for speed.
This forces requests by hostname

Only found paths
Found paths with status codes
Dictionaries must be text files. Each line will be processed as such, except that the special word %EXT% is used, which will generate one entry for each extension (-e | --extension) passed as an argument.

  • example/
  • example.%EXT%

Passing the extensions "asp" and "aspx" will generate the following dictionary:
  • example/
  • example.asp
  • example.aspx

You can also use -f | --force-extensions switch to append extensions to every word in the wordlists (like DirBuster).

Source: www.effecthacking.com
DirSearch - Website Directory Scanner DirSearch - Website Directory Scanner Reviewed by Unknown on 5:16 AM Rating: 5