# dirsearch — Web Path Discovery and Directory Brute-Forcer

> A mature Python-based web path scanner for discovering hidden directories and files on web servers during penetration testing.

## Quick Use

```bash
pip install dirsearch

# Basic directory scan
dirsearch -u https://target.com

# With custom wordlist and extensions
dirsearch -u https://target.com -w wordlist.txt -e php,html,js
```

## Introduction

dirsearch is a command-line tool written in Python for brute-forcing directories and files on web servers. It has been a staple in the bug bounty and penetration testing community for years, offering a balance between simplicity and configurability that makes it effective for content discovery.

## What dirsearch Does

- Discovers hidden directories, files, and backup files on web servers
- Supports extension-based scanning to find language-specific resources
- Handles recursive scanning to explore discovered subdirectories automatically
- Filters responses by status code, size, and content to reduce noise
- Supports HTTP and SOCKS proxies for routing through testing infrastructure

## Architecture Overview

dirsearch is a multithreaded Python application that sends HTTP requests using a configurable thread pool. It reads wordlists line by line, appends configured extensions, and fires requests against the target URL. A response analyzer checks status codes and content length against user-defined filters. Results are logged to stdout and optionally to plain text, JSON, CSV, XML, or Markdown report files.
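
Seen from the server side, the wordlist-times-extension request pattern described above shows up clearly in access logs. The following is an added example, not code from dirsearch or from the original page; the combined-log-style line format, the thresholds, and the function name `detect_path_scanners` are assumptions, and the sample traffic is constructed.

```python
import re
from collections import defaultdict
from pathlib import PurePosixPath

# Combined-log-style line: client, request line, status (assumed format).
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*" (\d{3}) ')

def detect_path_scanners(lines, min_requests=8, min_miss_ratio=0.7, min_multi_ext_stems=2):
    """Flag clients whose requests look like wordlist x extension enumeration.

    Thresholds are illustrative assumptions; tune them against real baselines.
    """
    total = defaultdict(int)
    misses = defaultdict(int)
    stems = defaultdict(lambda: defaultdict(set))  # client -> path stem -> extensions
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that do not parse
        client, target, status = m.group(1), m.group(2), int(m.group(3))
        path = PurePosixPath(target.split("?", 1)[0])
        total[client] += 1
        if status == 404:
            misses[client] += 1
        if path.suffix:  # same stem probed with several extensions is the tell
            stems[client][str(path.with_suffix(""))].add(path.suffix)
    flagged = {}
    for client, n in total.items():
        multi = sum(1 for exts in stems[client].values() if len(exts) >= 2)
        ratio = misses[client] / n
        if n >= min_requests and ratio >= min_miss_ratio and multi >= min_multi_ext_stems:
            flagged[client] = {"requests": n, "miss_ratio": round(ratio, 2),
                               "multi_ext_stems": multi}
    return flagged

# Constructed sample traffic (not real logs): one enumerating client, one ordinary visitor.
SAMPLE_REQUESTS = [("203.0.113.7", f"/{stem}.{ext}", 200 if (stem, ext) == ("login", "php") else 404)
                   for stem in ("admin", "backup", "login") for ext in ("php", "html", "js")]
SAMPLE_REQUESTS += [("198.51.100.20", "/index.html", 200), ("198.51.100.20", "/css/site.css", 200),
                    ("198.51.100.20", "/js/app.js", 200), ("198.51.100.20", "/favicon.ico", 404)]
SAMPLE_LOG = [f'{c} - - [10/Mar/2025:10:00:00 +0000] "GET {p} HTTP/1.1" {s} 512'
              for c, p, s in SAMPLE_REQUESTS]

if __name__ == "__main__":
    for client, stats in detect_path_scanners(SAMPLE_LOG).items():
        print(client, stats)
```

The heuristic ignores timing; in production it would normally be applied per time window so that long-lived clients are not judged on their whole history.
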

## Self-Hosting & Configuration

- Install via pip or clone the repository and run directly
- Provide custom wordlists with -w or use the bundled default wordlist
- Set thread count with -t (default 25) based on target tolerance
- Configure exclusion rules with --exclude-status and --exclude-sizes
- Use --deep-recursive for automatic recursive scanning of discovered paths

## Key Features

- Bundled high-quality default wordlist curated for common web paths
- Extension bruteforcing (-e) to test multiple file types per wordlist entry
- Subdirectory recursive scanning with configurable depth limits
- Request throttling with --delay to respect rate limits
- Report generation in multiple formats for documentation and tracking

## Comparison with Similar Tools

- **ffuf** — faster Go-based fuzzer with more flexible FUZZ keyword placement, but requires external wordlists
- **gobuster** — Go-based scanner focused on speed, less built-in filtering logic
- **DirBuster** — legacy Java GUI tool by OWASP, largely replaced by modern CLI tools
- **feroxbuster** — Rust-based recursive scanner with automatic depth detection

## FAQ

**Q: How does dirsearch compare to ffuf in speed?**
A: ffuf is generally faster due to Go's concurrency model. dirsearch compensates with a curated default wordlist and simpler setup for quick scans.

**Q: Can dirsearch scan multiple targets?**
A: Yes. Provide a file of URLs with -l to scan multiple targets in sequence.

**Q: Does dirsearch handle authentication?**
A: Yes. Pass cookies with --cookie, add headers with -H, or use --auth for HTTP basic authentication.

**Q: What makes dirsearch's default wordlist effective?**
A: The bundled wordlist is curated from real-world findings and common web application paths, reducing the need for external wordlist management.

## Sources

- https://github.com/maurosoria/dirsearch
- https://github.com/maurosoria/dirsearch/wiki

---

Source: https://tokrepo.com/en/workflows/asset-58d2aca7

Author: Script Depot