Passing php and html as extensions with -f/--force-extensions flag will generate the following dictionary: Show
Passing jsp and jspa as extensions with -O/--overwrite-extensions flag will generate the following dictionary: OptionsConfigurationBy default, # If you want to edit dirsearch default configurations, you can # edit values in this file. Everything after `#` is a comment # and won't be applied [general] threads = 25 recursive = False deep-recursive = False force-recursive = False recursion-status = 200-399,401,403 max-recursion-depth = 0 exclude-subdirs = %%ff/,.;/,..;/,;/,./,../,%%2e/,%%2e%%2e/ random-user-agents = False max-time = 0 exit-on-error = False # subdirs = /,api/ # include-status = 200-299,401 # exclude-status = 400,500-999 # exclude-sizes = 0b,123gb # exclude-text = "Not found" # exclude-regex = "^403$" # exclude-redirect = "*/error.html" # exclude-response = 404.html # skip-on-status = 429,999 [dictionary] default-extensions = php,aspx,jsp,html,js force-extensions = False overwrite-extensions = False lowercase = False uppercase = False capitalization = False # exclude-extensions = old,log # prefixes = .,admin # suffixes = ~,.bak # wordlists = /path/to/wordlist1.txt,/path/to/wordlist2.txt [request] http-method = get follow-redirects = False # headers-file = /path/to/headers.txt # user-agent = MyUserAgent # cookie = SESSIONID=123 [connection] timeout = 7.5 delay = 0 max-rate = 0 max-retries = 1 ## By disabling `scheme` variable, dirsearch will automatically identify the URI scheme # scheme = http # proxy = localhost:8080 # proxy-file = /path/to/proxies.txt # replay-proxy = localhost:8000 [advanced] crawl = False [view] full-url = False quiet-mode = False color = True show-redirects-history = False [output] ## Support: plain, simple, json, xml, md, csv, html, sqlite report-format = plain autosave-report = True autosave-report-folder = reports/ # log-file = /path/to/dirsearch.log # log-file-size = 50000000 How to use Some examples for how to use dirsearch - those are the most common arguments. If you need all, just use the -h argument. Simple usagePausing progressdirsearch allows you to pause the scanning progress with CTRL+C, from here, you can save the progress (and continue later), skip the current target, or skip the current sub-directory. Recursion
ThreadsThe thread number (-t | --threads) reflects the number of separated brute force processes. And so the bigger the thread number is, the faster dirsearch runs. By default, the number of threads is 25, but you can increase it if you want to speed up the progress. In spite of that, the speed still depends a lot on the response time of the server. And as a warning, we advise you to keep the threads number not too big because it can cause DoS (Denial of Service). Prefixes / Suffixes
Wordlist: Generated with prefixes:
Wordlist: Generated with suffixes: BlacklistInside the Example: If you add FiltersUse -i | --include-status and -x | --exclude-status to select allowed and not allowed response status-codes For more advanced filters: --exclude-sizes, --exclude-texts, --exclude-regexps, --exclude-redirects and --exclude-response Raw requestdirsearch allows you to import the raw request from a file. The content would be something looked like this: Since there is no way for dirsearch to know what the URI scheme is, you need to set it using the Wordlist formatsSupported wordlist formats: uppercase, lowercase, capitalization Lowercase:Uppercase:Capital:Exclude extensionsUse -X | --exclude-extensions with an extension list will remove all paths in the wordlist that contains the given extensions # If you want to edit dirsearch default configurations, you can # edit values in this file. Everything after `#` is a comment # and won't be applied [general] threads = 25 recursive = False deep-recursive = False force-recursive = False recursion-status = 200-399,401,403 max-recursion-depth = 0 exclude-subdirs = %%ff/,.;/,..;/,;/,./,../,%%2e/,%%2e%%2e/ random-user-agents = False max-time = 0 exit-on-error = False # subdirs = /,api/ # include-status = 200-299,401 # exclude-status = 400,500-999 # exclude-sizes = 0b,123gb # exclude-text = "Not found" # exclude-regex = "^403$" # exclude-redirect = "*/error.html" # exclude-response = 404.html # skip-on-status = 429,999 [dictionary] default-extensions = php,aspx,jsp,html,js force-extensions = False overwrite-extensions = False lowercase = False uppercase = False capitalization = False # exclude-extensions = old,log # prefixes = .,admin # suffixes = ~,.bak # wordlists = /path/to/wordlist1.txt,/path/to/wordlist2.txt [request] http-method = get follow-redirects = False # headers-file = /path/to/headers.txt # user-agent = MyUserAgent # cookie = SESSIONID=123 [connection] timeout = 7.5 delay = 0 max-rate = 0 max-retries = 1 ## By disabling `scheme` variable, dirsearch will automatically identify the URI scheme # scheme = http # proxy = localhost:8080 # proxy-file = /path/to/proxies.txt # replay-proxy = localhost:8000 [advanced] crawl = False [view] full-url = False quiet-mode = False color = True show-redirects-history = False [output] ## Support: plain, simple, json, xml, md, csv, html, sqlite report-format = plain autosave-report = True autosave-report-folder = reports/ # log-file = /path/to/dirsearch.log # log-file-size = 500000000 Wordlist: After: Scan sub-directories
Proxiesdirsearch supports SOCKS and HTTP proxy, with two options: a proxy server or a list of proxy servers. ReportsSupported report formats: simple, plain, json, xml, md, csv, html, sqlite More example commandsThere are more to discover, try yourself! Support DockerInstall Docker LinuxInstall Docker
Build Image dirsearchTo create image
Using dirsearchFor using References
Tips
ContributionWe have been receiving a lot of helps from many people around the world to improve this tool. Thanks so much to everyone who have helped us so far! See CONTRIBUTORS.md to know who they are. |
Cara menggunakan php list directories only
Pos Terkait
Copyright © 2024 ketajaman Inc.
