Provided by: dirsearch_0.4.3-1_all 
NAME
dirsearch - An advanced command-line tool designed to brute force directories and files in webservers
SYNOPSIS
dirsearch.py [-u|--url] target [-e|--extensions] extensions [options]
OPTIONS
--version
show program's version number and exit
-h, --help
show this help message and exit
Mandatory:
-u URL, --url=URL
Target URL
-l FILE, --url-list=FILE
Target URL list file
--stdin
Target URL list from STDIN
--cidr=CIDR
Target CIDR
--raw=FILE
Load raw HTTP request from file (use `--scheme` flag to set the scheme)
-e EXTENSIONS, --extensions=EXTENSIONS
Extension list separated by commas (Example: php,asp)
-X EXTENSIONS, --exclude-extensions=EXTENSIONS
Exclude extension list separated by commas (Example: asp,jsp)
-f, --force-extensions
Add extensions to every wordlist entry. By default dirsearch only replaces the %EXT% keyword with
extensions
Dictionary Settings:
-w WORDLIST, --wordlists=WORDLIST
Customize wordlists (separated by commas)
--prefixes=PREFIXES
Add custom prefixes to all wordlist entries (separated by commas)
--suffixes=SUFFIXES
Add custom suffixes to all wordlist entries, ignore directories (separated by commas)
--only-selected
Remove paths have different extensions from selected ones via `-e` (keep entries don't have
extensions)
--remove-extensions
Remove extensions in all paths (Example: admin.php -> admin)
-U, --uppercase
Uppercase wordlist
-L, --lowercase
Lowercase wordlist
-C, --capital
Capital wordlist
General Settings:
-t THREADS, --threads=THREADS
Number of threads
-r, --recursive
Brute-force recursively
--deep-recursive
Perform recursive scan on every directory depth (Example: api/users -> api/)
--force-recursive
Do recursive brute-force for every found path, not only paths end with slash
-R DEPTH, --recursion-depth=DEPTH
Maximum recursion depth
--recursion-status=CODES
Valid status codes to perform recursive scan, support ranges (separated by commas)
--subdirs=SUBDIRS
Scan sub-directories of the given URL[s] (separated by commas)
--exclude-subdirs=SUBDIRS
Exclude the following subdirectories during recursive scan (separated by commas)
-i CODES, --include-status=CODES
Include status codes, separated by commas, support ranges (Example: 200,300-399)
-x CODES, --exclude-status=CODES
Exclude status codes, separated by commas, support ranges (Example: 301,500-599)
--exclude-sizes=SIZES
Exclude responses by sizes, separated by commas (Example: 123B,4KB)
--exclude-texts=TEXTS
Exclude responses by texts, separated by commas (Example: 'Not found', 'Error')
--exclude-regexps=REGEXPS
Exclude responses by regexps, separated by commas (Example: 'Not foun[a-z]{1}', '^Error$')
--exclude-redirects=REGEXPS
Exclude responses by redirect regexps or texts, separated by commas (Example:
'https://okta.com/*')
--exclude-response=PATH
Exclude responses by response of this page (path as input)
--skip-on-status=CODES
Skip target whenever hit one of these status codes, separated by commas, support ranges
--minimal=LENGTH
Minimal response length
--maximal=LENGTH
Maximal response length
--max-time=SECONDS
Maximal runtime for the scan
-q, --quiet-mode
Quiet mode
--full-url
Full URLs in the output (enabled automatically in quiet mode)
--no-color
No colored output
Request Settings:
-m METHOD, --http-method=METHOD
HTTP method (default: GET)
-d DATA, --data=DATA
HTTP request data
-H HEADERS, --header=HEADERS
HTTP request header, support multiple flags (Example: -H 'Referer: example.com')
--header-list=FILE
File contains HTTP request headers
-F, --follow-redirects
Follow HTTP redirects
--random-agent
Choose a random User-Agent for each request
--auth-type=TYPE
Authentication type (basic, digest, bearer, ntlm)
--auth=CREDENTIAL
Authentication credential (user:password or bearer token)
--user-agent=USERAGENT
--cookie=COOKIE
Connection Settings:
--timeout=TIMEOUT
Connection timeout
-s DELAY, --delay=DELAY
Delay between requests
--proxy=PROXY
Proxy URL, support HTTP and SOCKS proxies (Example: localhost:8080, socks5://localhost:8088)
--proxy-list=FILE
File contains proxy servers
--replay-proxy=PROXY
Proxy to replay with found paths
--scheme=SCHEME
Default scheme (for raw request or if there is no scheme in the URL)
--max-rate=RATE
Max requests per second
--retries=RETRIES
Number of retries for failed requests
-b, --request-by-hostname
By default dirsearch requests by IP for speed. This will force dirsearch to request by hostname
--ip=IP
Server IP address
--exit-on-error
Exit whenever an error occurs
Reports:
-o FILE, --output=FILE
Output file
--format=FORMAT
Report format (Available: simple, plain, json, xml, md, csv, html)
You can change the dirsearch default configurations (default extensions,
timeout, wordlist location, ...) by editing the "/etc/dirsearch/default.conf" file. More information at
https://github.com/maurosoria/dirsearch.
SEE ALSO
The full documentation for dirsearch is maintained as a Texinfo manual. If the info and dirsearch
programs are properly installed at your site, the command
info dirsearch
should give you access to the complete manual.
dirsearch v0.4.2 September 2021 DIRSEARCH(1)