DIRB – Domain Brute-forcing Tool


DIRB v2.21

By The Dark Raver

./dirb <url_base> [<wordlist_file(s)>] [options]

========================= NOTES =========================

<url_base> : Base URL to scan. (Use resume for session resuming)

<wordlist_file(s)> : List of wordfiles. (wordfile1,wordfile2,wordfile3...)

======================== HOTKEYS ========================

‘n’ -> Go to next directory.

‘q’ -> Stop scan. (Saving state for resume)

‘r’ -> Remaining scan stats.

======================== OPTIONS ========================

a <agent_string> : Specify your custom USER_AGENT.

c <cookie_string> : Set a cookie for the HTTP request.

f : Fine tunning of NOT_FOUND (404) detection.

H <header_string> : Add a custom header to the HTTP request.

i : Use caseinsensitive search.

l : Print “Location” header when found.

N <nf_code>: Ignore responses with this HTTP code.

o <output_file> : Save output to disk.

p <proxy[:port]> : Use this proxy. (Default port is 1080)

P <proxy_username:proxy_password> : Proxy Authentication.

r : Don‘t search recursively.

-R : Interactive recursion. (Asks for each directory)

-S : Silent Mode. Don’t show tested words. (For dumb terminals)

t : Don‘t force an ending ‘/‘ on URLs.

-u <username:password> : HTTP Authentication.

-v : Show also NOT_FOUND pages.

-w : Don’t stop on WARNING messages.

X <extensions> / x <exts_file> : Append each word with this extensions.

z <milisecs> : Add a miliseconds delay to not cause excessive Flood.

======================== EXAMPLES =======================

./dirb http://url/directory/ (Simple Test)

./dirb http://url/ -X .html (Test files with ‘.html’ extension)

./dirb http://url/ /usr/share/dirb/wordlists/vulns/apache.txt (Test with apache.txt wordlist)

./dirb https://secure_url/ (Simple Test with SSL)

Leave a Reply