# Dirsearch

Dirsearch is a powerful tool designed to facilitate the discovery of directories and files on web servers. It enables penetration testers to enumerate directories and uncover potential entry points within a web application. This guide provides an overview of how to use Dirsearch effectively for web directory enumeration during penetration testing.

**Prerequisites:**

1. Basic understanding of web technologies and HTTP protocol.
2. Python installed on your system. You can download it from [Python's official website](https://www.python.org/downloads/).
3. Dirsearch installed on your system (Kali). You can download it from [Dirsearch's GitHub repository](https://github.com/maurosoria/dirsearch)

**How to use:**

1. **Launch Dirsearch:**
   * Open your terminal or command prompt.
2. **Navigate to Dirsearch Directory:**
   * Change your current directory to the Dirsearch folder where the tool is located. or just run dirsearch from terminal to test
3. **Perform Basic Scan:**
   * Run Dirsearch with the target URL.
   * Example command: 

```
python3 dirsearch.py -u <target_URL> -e *

or

dirsearch -u <target_URL> -e *
```

* Replace `<target_URL>` with the URL of the target web application.

1. **Customize Scan Options:**
   * Explore Dirsearch's various options to customize the scan according to your requirements.
   * Options include specifying wordlists, adjusting timeout values, and limiting the scan depth.
2. **Output Results to File:**
   * Use the `-o` flag to specify the output file for the scan results.
   * Example command:&#x20;

```
python3 dirsearch.py -u <target_URL> -e * -o scan_results.txt

or

dirsearch -u <target_URL> -e * -o scan_results.txt
```

* This command saves the scan results to a file named `scan_results.txt`.

1. **Choose Wordlist:**
   * Select a wordlist to use for directory and file brute-forcing. Dirsearch provides a default wordlist, but you can also specify custom wordlists using the `-w` flag.

```
python3 dirsearch.py -u <target_URL> -e * -w /usr/share/wordlist/dirb/medium.txt

or

dirsearch -u <target_URL> -e * -w /usr/share/wordlist/dirb/medium.txt
```

1. **Monitor Progress:**
   * Monitor the progress of the scan in real-time. Dirsearch will display directories and files discovered during the scan.

<figure><img src="/files/pBFBdKkU6UtU07u8bKo7" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://ptplaybook.mfbktech.academy/tools/dirsearch.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.