MCPcopy Index your code
hub / github.com/maurosoria/dirsearch

github.com/maurosoria/dirsearch @v0.4.4 sqlite

repository ↗ · DeepWiki ↗ · release v0.4.4 ↗
406 symbols 1,493 edges 74 files 21 documented · 5% 2 cross-repo links
README

dirsearch logo (light) dirsearch logo (dark)

dirsearch - Web path discovery

Build License Stars Release Sponsors Discord Twitter

An advanced web path brute-forcer

dirsearch is being actively developed by @maurosoria and @shelld3v

Reach to our Discord server to communicate with the team at best

Table of Contents

Supported Platforms

dirsearch runs on multiple platforms and can be used either via Python or standalone binaries:

Platform Python Standalone Binary
Linux (x86_64) Python 3.9+ dirsearch-linux-amd64
Windows (x64) Python 3.9+ dirsearch-windows-x64.exe
macOS (Intel) Python 3.9+ dirsearch-macos-intel
macOS (Apple Silicon) Python 3.9+ dirsearch-macos-silicon

Standalone binaries are self-contained executables that don't require Python installation.

Installation & Usage

Requirement: python 3.9 or higher

Choose one of these installation options:

  • Install with git: git clone https://github.com/maurosoria/dirsearch.git --depth 1 (RECOMMENDED)
  • Install with ZIP file: Download here
  • Install with Docker: docker build -t "dirsearch:v0.4.3" . (more information can be found here)
  • Install with PyPi: pip3 install dirsearch or pip install dirsearch
  • Install with Kali Linux: sudo apt-get install dirsearch (deprecated)

Standalone Binaries

Pre-built standalone binaries are available for all major platforms. These don't require Python to be installed.

Download from Releases

Platform Binary Name Architecture
Linux dirsearch-linux-amd64 x86_64
Windows dirsearch-windows-x64.exe x64
macOS Intel dirsearch-macos-intel x86_64
macOS Apple Silicon dirsearch-macos-silicon ARM64

Usage:

# Linux/macOS - make executable first
chmod +x dirsearch-linux-amd64
./dirsearch-linux-amd64 -u https://target

# Windows
dirsearch-windows-x64.exe -u https://target

Note: Standalone binaries include bundled db/ wordlists and config.ini. Session files are stored in $HOME/.dirsearch/sessions/ when using bundled builds.

Wordlists (IMPORTANT)

Summary: - Wordlist is a text file, each line is a path. - About extensions, unlike other tools, dirsearch only replaces the %EXT% keyword with extensions from -e flag. - For wordlists without %EXT% (like SecLists), -f | --force-extensions switch is required to append extensions to every word in wordlist, as well as the /. - To apply your extensions to wordlist entries that have extensions already, use -O | --overwrite-extensions (Note: some extensions are excluded from being overwritted such as .log, .json, .xml, ... or media extensions like .jpg, .png) - To use multiple wordlists, you can separate your wordlists with commas. Example: wordlist1.txt,wordlist2.txt. - Bundled wordlist categories live in db/categories/ and can be selected with --wordlist-categories. Available: extensions, conf, vcs, backups, db, logs, keys, web, common (use all to include everything).

Wordlist Examples (click to expand)

Examples:

  • Normal extensions:
index.%EXT%

Passing asp and aspx as extensions will generate the following dictionary:

index
index.asp
index.aspx
  • Force extensions:
admin

Passing php and html as extensions with -f/--force-extensions flag will generate the following dictionary:

admin
admin.php
admin.html
admin/
  • Overwrite extensions:
login.html

Passing jsp and jspa as extensions with -O/--overwrite-extensions flag will generate the following dictionary:

login.html
login.jsp
login.jspa

Options

Full Options List (click to expand)

Usage: dirsearch.py [-u|--url] target [-e|--extensions] extensions [options]

Options:
  --version             show program's version number and exit
  -h, --help            show this help message and exit

  Mandatory:
    -u URL, --url=URL   Target URL(s), can use multiple flags
    -l PATH, --urls-file=PATH
                        URL list file
    --stdin             Read URL(s) from STDIN
    --cidr=CIDR         Target CIDR
    --raw=PATH          Load raw HTTP request from file (use '--scheme' flag
                        to set the scheme)
    --nmap-report=PATH  Load targets from nmap report (Ensure the inclusion of
                        the -sV flag during nmap scan for comprehensive
                        results)
    -s SESSION_FILE, --session=SESSION_FILE
                        Session file
                        Note: legacy .pickle/.pkl sessions are no longer supported.
    --config=PATH       Path to configuration file (Default:
                        'DIRSEARCH_CONFIG' environment variable, otherwise
                        'config.ini')

  Dictionary Settings:
    -w WORDLISTS, --wordlists=WORDLISTS
                        Wordlist files or directories contain wordlists
                        (separated by commas)
    --wordlist-categories=CATEGORIES
                        Comma-separated wordlist category names (e.g.
                        common,conf,web). Use 'all' to include all bundled
                        categories
    -e EXTENSIONS, --extensions=EXTENSIONS
                        Extension list separated by commas (e.g. php,asp)
    -f, --force-extensions
                        Add extensions to the end of every wordlist entry. By
                        default dirsearch only replaces the %EXT% keyword with
                        extensions
    -O, --overwrite-extensions
                        Overwrite other extensions in the wordlist with your
                        extensions (selected via `-e`)
    --exclude-extensions=EXTENSIONS
                        Exclude extension list separated by commas (e.g.
                        asp,jsp)
    --remove-extensions
                        Remove extensions in all paths (e.g. admin.php ->
                        admin)
    --prefixes=PREFIXES
                        Add custom prefixes to all wordlist entries (separated
                        by commas)
    --suffixes=SUFFIXES
                        Add custom suffixes to all wordlist entries, ignore
                        directories (separated by commas)
    -U, --uppercase     Uppercase wordlist
    -L, --lowercase     Lowercase wordlist
    -C, --capital       Capital wordlist

  General Settings:
    -t THREADS, --threads=THREADS
                        Number of threads
    --list-sessions     List resumable sessions and exit
    --sessions-dir=PATH Directory to search for resumable sessions (default:
                        dirsearch path /sessions, or $HOME/.dirsearch/sessions
                        when bundled)
    --async             Enable asynchronous mode
    -r, --recursive     Brute-force recursively
    --deep-recursive    Perform recursive scan on every directory depth (e.g.
                        api/users -> api/)
    --force-recursive   Do recursive brute-force for every found path, not
                        only directories
    -R DEPTH, --max-recursion-depth=DEPTH
                        Maximum recursion depth
    --recursion-status=CODES
                        Valid status codes to perform recursive scan, support
                        ranges (separated by commas)
    --subdirs=SUBDIRS   Scan sub-directories of the given URL[s] (separated by
                        commas)
    --exclude-subdirs=SUBDIRS
                        Exclude the following subdirectories during recursive
                        scan (separated by commas)
    -i CODES, --include-status=CODES
                        Include status codes, separated by commas, support
                        ranges (e.g. 200,300-399)
    -x CODES, --exclude-status=CODES
                        Exclude status codes, separated by commas, support
                        ranges (e.g. 301,500-599)
    --exclude-sizes=SIZES
                        Exclude responses by sizes, separated by commas (e.g.
                        0B,4KB)
    --exclude-text=TEXTS
                        Exclude responses by text, can use multiple flags
    --exclude-regex=REGEX
                        Exclude responses by regular expression
    --exclude-redirect=STRING
                        Exclude responses if this regex (or text) matches
                        redirect URL (e.g. '/index.html')
    --exclude-response=PATH
                        Exclude responses similar to response of this page,
                        path as input (e.g. 404.html)
    --skip-on-status=CODES
                        Skip target whenever hit one of these status codes,
                        separated by commas, support ranges
    --min-response-size=LENGTH
                        Minimum response length
    --max-response-size=LENGTH
                        Maximum response length
    --max-time=SECONDS  Maximum runtime for the scan
    --exit-on-error     Exit whenever an error occurs

  Request Settings:
    -m METHOD, --http-method=METHOD
                        HTTP method (default: GET)
    -d DATA, --data=DATA
                        HTTP request data
    --data-file=PATH    File contains HTTP request data
    -H HEADERS, --header=HEADERS
                        HTTP request header, can use multiple flags
    --headers-file=PATH
                        File contains HTTP request headers
    -F, --follow-redirects
                        Follow HTTP redirects
    --random-agent      Choose a random User-Agent for each request
    --auth=CREDENTIAL   Authentication credential (e.g. user:password or
                        bearer token)
    --auth-type=TYPE    Authentication type (basic, digest, bearer, ntlm, jwt)
    --cert-file=PATH    File contains client-side certificate
    --key-file=PATH     File contains client-side certificate private key
                        (unencrypted)
    --user-agent=USER_AGENT
    --cookie=COOKIE

  Connection Settings:
    --timeout=TIMEOUT   Connection timeout
    --delay=DELAY       Delay between requests
    -p PROXY, --proxy=PROXY
                        Proxy URL (HTTP/SOCKS), can use multiple flags
    --proxies-file=PATH
                        File contains proxy servers
    --proxy-auth=CREDENTIAL
                        Proxy authentication credential
    --replay-proxy=PROXY
                        Proxy to replay with found paths
    --tor               Use Tor network as proxy
    --scheme=SCHEME     Scheme for raw request or if there is no scheme in the
                        URL (Default: auto-detect)
    --max-rate=RATE     Max requests per second
    --retries=RETRIES   Number of retries for failed requests
    --ip=IP             Server IP address
    --interface=NETWORK_INTERFACE
                        Network interface to use

  Advanced Settings:
    --crawl             Crawl for new paths in responses

  View Settings:
    --full-url          Full URLs in the output (enabled automatically in
                        quiet mode)
    --redirects-history
                        Show redirects history
    --no-color          No colored output
    -q, --quiet-mode    Quiet mode

  Output Settings:
    -o PATH/URL, --output=PATH/URL
                        Output file or MySQL/PostgreSQL URL (Format:
                        scheme://[username:password@]host[:port]/database-
                        name)
    --format=FORMAT     Report format (Available: simple, plain, json, xml,
                        md, csv, html, sqlite, mysql, postgresql)
    --log=PATH          Log file

Configuration

Configuration File Reference (click to expand)

By default, config.ini inside your dirsearch directory is used as the configuration file but you can select another file via --config flag or DIRSEARCH_CONFIG environment variable.

```ini

If you want to edit dirsearch default configurations, you can

edit values in this file. Everything after # is a comment

and won't

Core symbols most depended-on inside this repo

get
called by 56
lib/parse/headers.py
safe_get
called by 34
lib/parse/config.py
build_path
called by 27
lib/utils/file.py
safe_getboolean
called by 19
lib/parse/config.py
write
called by 17
lib/report/xml_report.py
set_color
called by 16
lib/view/colors.py
clean_path
called by 15
lib/parse/url.py
add
called by 13
lib/core/structures.py

Shape

Method 284
Class 68
Function 54

Languages

Python100%

Modules by API surface

lib/controller/controller.py35 symbols
lib/connection/requester.py29 symbols
lib/view/terminal.py27 symbols
lib/utils/file.py26 symbols
lib/core/fuzzer.py25 symbols
lib/controller/session.py19 symbols
lib/report/factory.py17 symbols
lib/core/structures.py17 symbols
lib/utils/common.py15 symbols
lib/core/dictionary.py14 symbols
lib/core/scanner.py13 symbols
lib/connection/response.py11 symbols

Dependencies from manifests, versioned

Jinja23.1.6 · 1×
PySocks1.7.1 · 1×
beautifulsoup44.14.3 · 1×
colorama0.4.6 · 1×
defusedcsv3.0.0 · 1×
defusedxml0.7.1 · 1×
httpx0.28.1 · 1×
httpx-ntlm1.4.0 · 1×
mysql-connector-python9.5.0 · 1×
ntlm-auth1.5.0 · 1×
pyopenssl25.3.0 · 1×
requests2.32.5 · 1×

Datastores touched

(mysql)Database · 1 repos

For agents

$ claude mcp add dirsearch \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact