dirs3arch is a simple command line tool designed to brute force directories and files in websites. It’s a HTTP File & Directory Brute Forcing Tool similar to DirBuster.
Features
- Keep alive connections
- Multithreaded
- Detect not found web pages when 404 not found errors are masked (.htaccess, web.config, etc).
- Recursive brute forcing
Getting Started
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 |
Usage: dirs3arch.py [-u|--url] target [-e|--extensions] extensions [options] Options: -h, --help show this help message and exit Mandatory: -u URL, --url=URL URL target -e EXTENSIONS, --extensions=EXTENSIONS Extensions list separated by comma (Example: php, asp) Dictionary Settings: -w WORDLIST, --wordlist=WORDLIST -l, --lowercase General Settings: -r, --recursive Bruteforce recursively -t THREADSCOUNT, --threads=THREADSCOUNT Number of Threads -x EXCLUDESTATUSCODES, --exclude-status=EXCLUDESTATUSCODES Exclude status code, separated by comma (example: 301, 500) --cookie=COOKIE, --cookie=COOKIE --user-agent=USERAGENT, --user-agent=USERAGENT --no-follow-redirects, --no-follow-redirects Connection Settings: --timeout=TIMEOUT, --timeout=TIMEOUT Connection timeout --ip=IP, --ip=IP Destination IP (instead of resolving domain, use this ip) --http-proxy=HTTPPROXY, --http-proxy=HTTPPROXY Http Proxy (example: localhost:8080 --max-retries=MAXRETRIES, --max-retries=MAXRETRIES Reports: -o OUTPUTFILE, --output=OUTPUTFILE --json-output=JSONOUTPUTFILE, --json-output=JSONOUTPUTFILE |
You can download dirs3arch here:
Or read more here.