dirsearch
Web path scanner
Name:dirsearch
Category:Discovery
Publisher:trickest
Created:6/23/2021
Container:
quay.io/trickest/dirsearch:2d21d63Output Type:
License:Unknown
Source:View Source
Parameters
--ipServer IP address--rawLoad raw HTTP request from file (use '--scheme' flag to set the scheme)--torUse Tor network as proxy--urlTarget URL(s), can use multiple flags--authAuthentication credential (e.g. user:password or bearer token)--cidrTarget CIDR--dataHTTP request data--crawlCrawl for new paths in responses--delayDelay between requests--proxyProxy URL (HTTP/SOCKS), can use multiple flags--configPath to configuration file--cookieCookie--formatReport format (Available: simple,plain,json,xml,md,csv,html,sqlite,mysql,postgresql)--headerHTTP request header, can use multiple flags--schemeScheme for raw request or if there is no scheme in the URL (Default: auto-detect)--capitalCapital wordlist--retriesNumber of retries for failed requests--sessionSession file--subdirsScan sub-directories of the given URL[s] (separated by commas)--threadsNumber of threads--timeoutConnection timeout--full-urlFull URLs in the output (enabled automatically in quiet mode)--key-fileFile contains client-side certificate private key (unencrypted)--max-rateMax requests per second--max-timeMaximum runtime for the scan--no-colorNo colored output--prefixesAdd custom prefixes to all wordlist entries (separated by commas)--suffixesAdd custom suffixes to all wordlist entries, ignore directories (separated by commas)--wordlistsWordlist file--auth-typeAuthentication type (basic, digest, bearer, ntlm, jwt)--cert-fileFile contains client-side certificate--data-fileFile contains HTTP request data--interfaceNetwork interface to use--lowercaseLowercase wordlist--recursiveBrute-force recursively--uppercaseUppercase wordlist--urls-fileURL list file--wordlistsWordlists folder--extensionsExtension list separated by commas (e.g. php,asp)--proxy-authProxy authentication credential--quiet-modeQuiet mode--user-agentUser agent--http-methodHTTP method (default: GET)--nmap-reportLoad targets from nmap report (Ensure the inclusion of the -sV flag during nmap scan for comprehensive results)--exclude-textExclude responses by text, can use multiple flags--headers-fileFile contains HTTP request headers--proxies-fileFile contains proxy servers--random-agentChoose a random User-Agent for each request--replay-proxyProxy to replay with found paths--exclude-regexExclude responses by regular expression--exclude-sizesExclude responses by sizes, separated by commas (e.g. 0B,4KB)--exit-on-errorExit whenever an error occurs--deep-recursivePerform recursive scan on every directory depth (e.g. api/users -> api/)--exclude-statusExclude status codes, separated by commas, support ranges (e.g. 301,500-599)--include-statusInclude status codes, separated by commas, support ranges (e.g. 200,300-399)--skip-on-statusSkip target whenever hit one of these status codes, separated by commas, support ranges--exclude-subdirsExclude the following subdirectories during recursive scan (separated by commas)--force-recursiveDo recursive brute-force for every found path, not only directories--exclude-redirectExclude responses if this regex (or text) matches redirect URL (e.g. '/index.html')--exclude-responseExclude responses similar to response of this page, path as input (e.g. 404.html)--follow-redirectsFollow HTTP redirects--force-extensionsAdd extensions to the end of every wordlist entry. By default dirsearch only replaces the %EXT% keyword with extensions--recursion-statusValid status codes to perform recursive scan, support ranges (separated by commas)--max-response-sizeMaximum response length--min-response-sizeMinimum response length--redirects-historyShow redirects history--remove-extensionsRemove extensions in all paths (e.g. admin.php -> admin)--exclude-extensionsExclude extension list separated by commas (e.g. asp,jsp)--max-recursion-depthMaximum recursion depth--overwrite-extensionsOverwrite other extensions in the wordlist with your extensions (selected via `-e`)