Linux command

dirsearch command

Network

After copying, replace file names, directories, or parameters as needed.

Common examples

Scan a URL

dirsearch -u [https://example.com]

Use a custom wordlist

dirsearch -u [https://example.com] -w [path/to/wordlist.txt]

Scan with specific extensions

dirsearch -u [https://example.com] -e [php,html,js]

Scan multiple URLs

dirsearch -l [urls.txt]

Set number of threads

dirsearch -u [https://example.com] -t [50]

Output results to a file

dirsearch -u [https://example.com] -o [results.txt]

Exclude specific status codes

dirsearch -u [https://example.com] -x [403,404,500]

Scan recursively

dirsearch -u [https://example.com] -r

Description

dirsearch is a web content discovery tool that brute-forces directories and files on web servers. It sends HTTP requests for paths from a wordlist, identifying existing resources by analyzing server responses. The tool is commonly used in penetration testing and security assessments to discover hidden content, backup files, admin panels, configuration files, and other resources not linked from the main application. It uses response status codes, content length, and other heuristics to determine validity. Dirsearch includes built-in wordlists but supports custom lists for targeted scanning. Extensions can be specified to test multiple file types (e.g., checking for both /admin and /admin.php). The recursive mode continues scanning discovered directories. Advanced features include proxy support, custom headers, authentication, rate limiting, and multiple output formats. The tool can filter results by status code, response size, or content patterns to reduce false positives.
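
From the defender's side, the request pattern described above appears in web server access logs as one client producing many 404 responses on distinct paths in a short time. The following Python is an added example, not part of dirsearch or of the original page; the Combined Log Format input, the thresholds, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Common/Combined Log Format prefix: client, timestamp, request line, status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[A-Z]+ (\S+) [^"]*" (\d{3}) ')

def parse(line):
    """Return (ip, time, path, status), or None for a line that does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, ts, target, status = m.groups()
    when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
    return ip, when, target.split("?", 1)[0], int(status)

def find_enumeration(lines, window=timedelta(seconds=60), min_misses=20, min_ratio=0.8):
    """Flag clients whose requests inside `window` are mostly 404s on distinct paths."""
    by_ip = defaultdict(list)
    for rec in filter(None, map(parse, lines)):
        by_ip[rec[0]].append(rec[1:])
    flagged = {}
    for ip, recs in by_ip.items():
        recs.sort(key=lambda r: r[0])
        start = 0
        for end in range(len(recs)):
            while recs[end][0] - recs[start][0] > window:
                start += 1
            win = recs[start:end + 1]
            misses = {path for _, path, status in win if status == 404}
            if len(misses) >= min_misses and len(misses) / len(win) >= min_ratio:
                # Paths that did not return 404 are what the scan turned up: review them.
                all_404 = {p for _, p, s in recs if s == 404}
                answered = sorted({p for _, p, s in recs if s != 404})
                flagged[ip] = {"distinct_404": len(all_404), "answered": answered}
                break
    return flagged

def sample_log():
    """Constructed log: one client walking a wordlist, one ordinary visitor."""
    fmt = '{} - - [12/Mar/2024:10:00:{:02d} +0000] "GET {} HTTP/1.1" {} 153 "-" "-"'
    words = ["admin", "backup", "config", "login", "old", "test", "tmp", "dev"]
    paths = ["/" + w + ext for w in words for ext in ("", ".php", ".html")]
    answers = {"/admin": 403, "/config.php": 200}  # everything else is a 404
    lines = [fmt.format("203.0.113.7", i, p, answers.get(p, 404)) for i, p in enumerate(paths)]
    for i, (p, s) in enumerate([("/", 200), ("/index.html", 200), ("/favicon.ico", 404)]):
        lines.append(fmt.format("198.51.100.20", i, p, s))
    return lines

if __name__ == "__main__":
    for ip, info in find_enumeration(sample_log()).items():
        print(ip, info)
```

A scan slowed by rate limiting can stay under a fixed 60-second threshold, so tune `window` and `min_misses` against your own baseline traffic.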

Parameters

-u, --url _url_
Target URL to scan.
-l, --urls-file _file_
File containing list of URLs to scan.
-w, --wordlist _file_
Custom wordlist(s) to use (comma-separated).
-e, --extensions _ext_
Extensions to append (comma-separated, e.g., php,asp,js).
-t, --threads _n_
Number of concurrent threads (default: 25).
-r, --recursive
Enable recursive scanning.
-R, --max-recursion-depth _n_
Maximum recursion depth.
-x, --exclude-status _codes_
Exclude status codes from results.
-i, --include-status _codes_
Include only these status codes.
-o, --output _file_
Save results to file.
--format _type_
Output format: plain, simple, json, xml, md, csv, html.
-H, --header _header_
Custom header (can be used multiple times).
--cookie _cookie_
Set cookies for requests.
--user-agent _ua_
Custom User-Agent string.
--random-agent
Use random User-Agent.
-b, --follow-redirects
Follow HTTP redirects.
--timeout _seconds_
Connection timeout.
--proxy _url_
Use HTTP/SOCKS proxy.
-q, --quiet
Quiet mode (minimal output).

FAQ

How do I run a basic dirsearch example?

Run `dirsearch -u [https://example.com]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.