Web path discovery tool that brute-forces directories and files on web servers using customizable wordlists
dirsearch is a web path discovery tool that performs brute-force attacks to find hidden directories and files on web servers. It sends HTTP requests to test potential paths from wordlists, helping security researchers and penetration testers identify exposed resources that may not be publicly linked.
The tool supports extensive customization through wordlists that can include dynamic extension replacement using the %EXT% keyword. It includes bundled wordlist categories for common scenarios like configuration files, version control systems, backups, databases, and web applications. Users can force extensions to be appended to all wordlist entries or overwrite existing extensions in wordlist items.
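The three wordlist behaviours described above, as an added example (a simplified model written for this page, not dirsearch's own code). The function name, its parameters, the sample entries, and the choice to leave entries ending in "/" unextended are assumptions; the output shows how a short wordlist multiplies into the request volume a server operator would see in access logs.

```python
import re

EXT_TAG = "%EXT%"
# A trailing ".something" on the last path segment counts as an extension.
_EXT_RE = re.compile(r"\.[A-Za-z0-9]+$")


def expand_wordlist(entries, extensions, force=False, overwrite=False):
    """Expand wordlist entries into the ordered, de-duplicated paths to request.

    force     -- also append every extension to entries that lack %EXT%
    overwrite -- also swap an entry's existing extension for each given one
    """
    exts = [e.lstrip(".") for e in extensions]
    out, seen = [], set()

    def emit(path):
        if path not in seen:
            seen.add(path)
            out.append(path)

    for raw in entries:
        entry = raw.strip()
        if not entry:
            continue  # skip blank lines
        if EXT_TAG in entry:
            # Dynamic replacement: one path per extension, tag never sent as-is.
            for ext in exts:
                emit(entry.replace(EXT_TAG, ext))
            continue
        emit(entry)
        if entry.endswith("/"):
            continue  # assumption: directory entries are not extended
        for ext in exts:
            if overwrite and _EXT_RE.search(entry):
                emit(_EXT_RE.sub("." + ext, entry))
            if force:
                emit(f"{entry}.{ext}")
    return out


if __name__ == "__main__":
    # Constructed sample wordlist, not taken from dirsearch's bundled lists.
    sample = ["index.%EXT%", "admin", "backup.zip", "uploads/"]
    for mode in ({}, {"force": True}, {"overwrite": True}):
        print(mode or "default", expand_wordlist(sample, ["php", "html"], **mode))
```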
dirsearch offers session management for resuming interrupted scans, recursive directory scanning with configurable depth limits, and filtering options based on HTTP status codes, response sizes, or content patterns. It supports various authentication methods including basic, digest, bearer tokens, and NTLM, along with custom headers, cookies, and client certificates for accessing protected resources.
The tool runs on Linux, Windows, and macOS with both Python-based installation and standalone binaries. It includes threading support, proxy configuration, output formatting options (including JSON and CSV), and can process multiple targets from files, STDIN, CIDR ranges, or nmap reports.
# via Git
git clone https://github.com/maurosoria/dirsearch.git --depth 1
# via pip
pip3 install dirsearch
# via Docker (run from the root of the cloned repository, where the Dockerfile lives)
docker build -t "dirsearch:v0.4.3" .