Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

DirSearch - Website Directory Scanner

DirSearch is a simple command line tool designed to brute force directories and files in websites.

Operating Systems Supported:

  • Windows XP/7/8/10
  • GNU/Linux
  • MacOSX


  • Multithreaded
  • Keep alive connections
  • Support for multiple extensions (-e|--extensions asp,php)
  • Reporting (plain text, JSON)
  • Heuristically detects invalid web pages
  • Recursive brute forcing
  • HTTP proxy support
  • User agent randomization
  • Batch processing
  • Request delaying


Usage: [-u|--url] target [-e|--extensions] extensions [options]

-h, --help show this help message and exit

-u URL, --url=URL URL target
-L URLLIST, --url-list=URLLIST
URL list target
Extension list separated by comma (Example: php,asp)

Dictionary Settings:
-w WORDLIST, --wordlist=WORDLIST
-l, --lowercase
-f, --force-extensions
Force extensions for every wordlist entry (like in

General Settings:
-s DELAY, --delay=DELAY
Delay between requests
-r, --recursive Bruteforce recursively
--suppress-empty, --suppress-empty
--scan-subdir=SCANSUBDIRS, --scan-subdirs=SCANSUBDIRS
Scan subdirectories of the given -u|--url (separated
by comma)
--exclude-subdir=EXCLUDESUBDIRS, --exclude-subdirs=EXCLUDESUBDIRS
Exclude the following subdirectories during recursive
scan (separated by comma)
Number of Threads
Exclude status code, separated by comma (example: 301,
-c COOKIE, --cookie=COOKIE
--ua=USERAGENT, --user-agent=USERAGENT
-F, --follow-redirects
Headers to add (example: --header "Referer:" --header "User-Agent: IE"
--random-agents, --random-user-agents

Connection Settings:
--timeout=TIMEOUT Connection timeout
--ip=IP Resolve name to IP address
--proxy=HTTPPROXY, --http-proxy=HTTPPROXY
Http Proxy (example: localhost:8080
-b, --request-by-hostname
By default dirsearch will request by IP for speed.
This forces requests by hostname

Only found paths
Found paths with status codes
Dictionaries must be text files. Each line will be processed as such, except that the special word %EXT% is used, which will generate one entry for each Extension (-e | --extension) passed as an argument.

  • example/
  • example.%EXT%

Passing the extensions "asp" and "aspx" will generate the following dictionary:
  • example/
  • example.asp
  • example.aspx

You can also use -f | --force-extensions switch to append extensions to every word in the wordlists (like DirBuster).

Download DirSearch

You might also like:
  • Introspy(iOS) - Tool For Blackbox iOS App Analysis
  • LinEnum - Local Linux Enumeration & Privilege Escalation Script
  • Vulscan - Advanced Vulnerability Scanning with Nmap
  • pWeb Suite - Web Application Penetration Testing Toolkit
  • OWASP Bricks - Web Application Security Learning Platform
  • WebVulScan - Web Application Vulnerability Scanner
  • Zarp - Network Attack Tool
  • bWAPP - An Extremely Buggy Web App For Practising Hacking
  • bee-box - A Custom Linux VM Pre-installed with bWAPP
  • HconSTF - An Open Source Security Assessment Toolkit
  • pytbull - Intrusion Detection/Prevention System (IDS/IPS) Testing Framework
  • RIPS - Tool For Detecting Vulnerabilities in PHP Applications
  • Samurai Web Testing Framework - A Virtual Machine Focused on Web Application Testing
  • Nessus - An Advanced Vulnerability Scanner
  • Resolver - A Reverse DNS Lookup Tool
  • Arachni - Web Application Security Scanner Framework
  • Sanewall - A Firewall Builder For Linux
  • Santoku - A Linux Distro For Mobile Security, Malware Analysis, and Forensics
  • SpiderFoot - An Open Source Intelligence Automation Tool
  • PacketFence - An Open Source Network Access Control System
  • Suricata - An Open Source IDS / IPS / NSM engine
  • Malwasm - Tool For Malware Reverse Engineers
  • Nishang - PowerShell For Penetration Testing and Offensive Security

This post first appeared on Effect Hacking - Hacking Tools, How To Guides An, please read the originial post: here

Share the post

DirSearch - Website Directory Scanner


Subscribe to Effect Hacking - Hacking Tools, How To Guides An

Get updates delivered right to your inbox!

Thank you for your subscription