Dirs3arch - HTTP(S) Directory/File Brute Forcer

dirs3arch is a simple command line tool designed to brute force directories and files in websites.

Features
  • Keep alive connections
  • Multithreaded
  • Detect not found web pages when 404 not found errors are masked (.htaccess, web.config, etc).
  • Recursive brute forcing

Usage: dirs3arch.py [-u|--url] target [-e|--extensions] extensions [options]

Options:
-h, --help show this help message and exit

Mandatory:
-u URL, --url=URL URL target
-e EXTENSIONS, --extensions=EXTENSIONS
Extensions list separated by comma (Example: php, asp)

Dictionary Settings:
-w WORDLIST, --wordlist=WORDLIST
-l, --lowercase

General Settings:
-r, --recursive Bruteforce recursively
-t THREADSCOUNT, --threads=THREADSCOUNT
Number of Threads
-x EXCLUDESTATUSCODES, --exclude-status=EXCLUDESTATUSCODES
Exclude status code, separated by comma (example: 301,
500)
--cookie=COOKIE, --cookie=COOKIE
--user-agent=USERAGENT, --user-agent=USERAGENT
--no-follow-redirects, --no-follow-redirects

Connection Settings:
--timeout=TIMEOUT, --timeout=TIMEOUT
Connection timeout
--ip=IP, --ip=IP Destination IP (instead of resolving domain, use this
ip)
--http-proxy=HTTPPROXY, --http-proxy=HTTPPROXY
Http Proxy (example: localhost:8080
--max-retries=MAXRETRIES, --max-retries=MAXRETRIES

Reports:
-o OUTPUTFILE, --output=OUTPUTFILE
--json-output=JSONOUTPUTFILE, --json-output=JSONOUTPUTFILE