lunar (1) dirsearch.1.gz

Provided by: dirsearch_0.4.2+ds-3_all bug

NAME

       dirsearch - An advanced command-line tool designed to brute force directories and files in
       webservers

SYNOPSIS

       dirsearch.py [-u|--url] target [-e|--extensions] extensions [options]

OPTIONS

       --version
              show program's version number and exit

       -h, --help
              show this help message and exit

              Mandatory:

       -u URL, --url=URL
              Target URL

       -l FILE, --url-list=FILE
              Target URL list file

       --stdin
              Target URL list from STDIN

       --cidr=CIDR
              Target CIDR

       --raw=FILE
              Load raw HTTP request from file (use `--scheme` flag to set the scheme)

       -e EXTENSIONS, --extensions=EXTENSIONS
              Extension list separated by commas (Example: php,asp)

       -X EXTENSIONS, --exclude-extensions=EXTENSIONS
              Exclude extension list separated by commas (Example: asp,jsp)

       -f, --force-extensions
              Add extensions to every wordlist entry. By  default  dirsearch  only  replaces  the
              %EXT% keyword with extensions

              Dictionary Settings:

       -w WORDLIST, --wordlists=WORDLIST
              Customize wordlists (separated by commas)

       --prefixes=PREFIXES
              Add custom prefixes to all wordlist entries (separated by commas)

       --suffixes=SUFFIXES
              Add  custom  suffixes  to  all  wordlist  entries, ignore directories (separated by
              commas)

       --only-selected
              Remove paths have different extensions from selected ones via  `-e`  (keep  entries
              don't have extensions)

       --remove-extensions
              Remove extensions in all paths (Example: admin.php -> admin)

       -U, --uppercase
              Uppercase wordlist

       -L, --lowercase
              Lowercase wordlist

       -C, --capital
              Capital wordlist

              General Settings:

       -t THREADS, --threads=THREADS
              Number of threads

       -r, --recursive
              Brute-force recursively

       --deep-recursive
              Perform recursive scan on every directory depth (Example: api/users -> api/)

       --force-recursive
              Do recursive brute-force for every found path, not only paths end with slash

       -R DEPTH, --recursion-depth=DEPTH
              Maximum recursion depth

       --recursion-status=CODES
              Valid status codes to perform recursive scan, support ranges (separated by commas)

       --subdirs=SUBDIRS
              Scan sub-directories of the given URL[s] (separated by commas)

       --exclude-subdirs=SUBDIRS
              Exclude the following subdirectories during recursive scan (separated by commas)

       -i CODES, --include-status=CODES
              Include status codes, separated by commas, support ranges (Example: 200,300-399)

       -x CODES, --exclude-status=CODES
              Exclude status codes, separated by commas, support ranges (Example: 301,500-599)

       --exclude-sizes=SIZES
              Exclude responses by sizes, separated by commas (Example: 123B,4KB)

       --exclude-texts=TEXTS
              Exclude responses by texts, separated by commas (Example: 'Not found', 'Error')

       --exclude-regexps=REGEXPS
              Exclude  responses  by  regexps,  separated by commas (Example: 'Not foun[a-z]{1}',
              '^Error$')

       --exclude-redirects=REGEXPS
              Exclude responses by redirect regexps  or  texts,  separated  by  commas  (Example:
              'https://okta.com/*')

       --exclude-response=PATH
              Exclude responses by response of this page (path as input)

       --skip-on-status=CODES
              Skip  target  whenever  hit one of these status codes, separated by commas, support
              ranges

       --minimal=LENGTH
              Minimal response length

       --maximal=LENGTH
              Maximal response length

       --max-time=SECONDS
              Maximal runtime for the scan

       -q, --quiet-mode
              Quiet mode

       --full-url
              Full URLs in the output (enabled automatically in quiet mode)

       --no-color
              No colored output

              Request Settings:

       -m METHOD, --http-method=METHOD
              HTTP method (default: GET)

       -d DATA, --data=DATA
              HTTP request data

       -H HEADERS, --header=HEADERS
              HTTP request header, support multiple flags (Example: -H 'Referer: example.com')

       --header-list=FILE
              File contains HTTP request headers

       -F, --follow-redirects
              Follow HTTP redirects

       --random-agent
              Choose a random User-Agent for each request

       --auth-type=TYPE
              Authentication type (basic, digest, bearer, ntlm)

       --auth=CREDENTIAL
              Authentication credential (user:password or bearer token)

       --user-agent=USERAGENT

       --cookie=COOKIE

              Connection Settings:

       --timeout=TIMEOUT
              Connection timeout

       -s DELAY, --delay=DELAY
              Delay between requests

       --proxy=PROXY
              Proxy   URL,   support   HTTP   and   SOCKS   proxies   (Example:   localhost:8080,
              socks5://localhost:8088)

       --proxy-list=FILE
              File contains proxy servers

       --replay-proxy=PROXY
              Proxy to replay with found paths

       --scheme=SCHEME
              Default scheme (for raw request or if there is no scheme in the URL)

       --max-rate=RATE
              Max requests per second

       --retries=RETRIES
              Number of retries for failed requests

       -b, --request-by-hostname
              By default dirsearch requests by IP for speed. This will force dirsearch to request
              by hostname

       --ip=IP
              Server IP address

       --exit-on-error
              Exit whenever an error occurs

              Reports:

       -o FILE, --output=FILE
              Output file

       --format=FORMAT
              Report format (Available: simple, plain, json, xml, md, csv, html)

              You can change the dirsearch default configurations (default extensions,

       timeout, wordlist location, ...) by editing the "/etc/dirsearch/default.conf"  file.  More
       information at https://github.com/maurosoria/dirsearch.

SEE ALSO

       The  full  documentation for dirsearch is maintained as a Texinfo manual.  If the info and
       dirsearch programs are properly installed at your site, the command

              info dirsearch

       should give you access to the complete manual.