目录爆破工具dirsearch

在github中下下来

网址：https://github.com/maurosoria/dirsearch

 

 

 

下载下来

我是用的kail 所以我把它也放在kail里面了

dirsearch需要python3，kail中是自带的

进入dirsearch目录后

执行./dirsearch.py -u 10.0.3.45 -e php

-u 指定url

-e 指定网站语言

-w 可以加上自己的字典（带上路径）

-r 递归跑（查到一个目录后，在目录后在重复跑，很慢，不建议用）

--random-agents 使用代理（使用的代理目录在uesr-agents.txt中，可以自己添加）

在此路径下的db目录是此款工具自带的字典

在此路径下的reports目录是你所有爬过的网站

 

转载：https://blog.csdn.net/Jiajiajiang_/article/details/81391982

Installation & Usage
------------

```
git clone https://github.com/maurosoria/dirsearch.git
cd dirsearch
python3 dirsearch.py -u <URL> -e <EXTENSION>
```

you can also use this alias to send directly to proxy
`python3 /path/to/dirsearch/dirsearch.py --http-proxy=localhost:8080`

Options
-------

```
Options:
-h, --help show this help message and exit

Mandatory:
-u URL, --url=URL URL target
-L URLLIST, --url-list=URLLIST
URL list target
-e EXTENSIONS, --extensions=EXTENSIONS
Extension list separated by comma (Example: php,asp)

Dictionary Settings:
-w WORDLIST, --wordlist=WORDLIST
-l, --lowercase
-f, --force-extensions
Force extensions for every wordlist entry (like in
DirBuster)

General Settings:
-s DELAY, --delay=DELAY
Delay between requests (float number)
-r, --recursive Bruteforce recursively
--suppress-empty, --suppress-empty
--scan-subdir=SCANSUBDIRS, --scan-subdirs=SCANSUBDIRS
Scan subdirectories of the given -u|--url (separated
by comma)
--exclude-subdir=EXCLUDESUBDIRS, --exclude-subdirs=EXCLUDESUBDIRS
Exclude the following subdirectories during recursive
scan (separated by comma)
--exclude-texts='Not found', 'Error'
Exclude results by text in response
--exclude-regexps='Not foun[a-z]{1}', '^Error$'
Exclude results by text regexp in response
-t THREADSCOUNT, --threads=THREADSCOUNT
Number of Threads
-x EXCLUDESTATUSCODES, --exclude-status=EXCLUDESTATUSCODES
Exclude status code, separated by comma (example: 301,
500)
-c COOKIE, --cookie=COOKIE
--ua=USERAGENT, --user-agent=USERAGENT
-F, --follow-redirects
-H HEADERS, --header=HEADERS
Headers to add (example: --header "Referer:
example.com" --header "User-Agent: IE"
--random-agents, --random-user-agents

Connection Settings:
--timeout=TIMEOUT Connection timeout
--ip=IP Resolve name to IP address
--proxy=HTTPPROXY, --http-proxy=HTTPPROXY
Http Proxy (example: localhost:8080
--max-retries=MAXRETRIES
-b, --request-by-hostname
By default dirsearch will request by IP for speed.
This forces requests by hostname

Reports:
--simple-report=SIMPLEOUTPUTFILE
Only found paths
--plain-text-report=PLAINTEXTOUTPUTFILE
Found paths with status codes
--json-report=JSONOUTPUTFILE

```