dirb

DIRB is a web content scanner used to discover hidden directories and files on a web server. It works by brute-forcing URLs based on predefined wordlists, helping security professionals identify potential vulnerabilities.

Usage

The basic syntax for running DIRB is:

dirb <url_base> [<wordlist_file(s)>] [options]

Where:

  • <url_base> is the target website or directory to scan.

  • <wordlist_file(s)> specifies the wordlist(s) used for enumeration.

  • [options] customizes the scan behavior.

Examples

1. Simple Directory Scan

To perform a basic scan of a directory:

dirb http://url/directory/

This scans the specified URL using the default wordlist.

2. Scanning for Specific File Extensions

DIRB allows searching for specific file types, such as .html:

dirb http://url/ -X .html

This command appends .html to each word in the wordlist, checking for the presence of these files.

3. Using a Custom Wordlist

DIRB supports custom wordlists, such as the Apache vulnerabilities wordlist:

dirb http://url/ /usr/share/dirb/wordlists/vulns/apache.txt

This command scans the target using a wordlist of paths associated with Apache-related vulnerabilities instead of the default wordlist.
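Seen from the web server, the scans above show up as one client requesting many distinct paths that mostly return 404, often with a single fixed extension when -X is used. The following is an added example, not part of DIRB or the original page: it flags that pattern in Common Log Format access logs. The function names, thresholds and sample log lines are assumptions constructed for illustration.

```python
import posixpath
import re
from collections import Counter, defaultdict

# Common Log Format: client, ident, user, [time], "METHOD path proto", status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3})\b')

def dominant_extension(paths, share=0.9):
    """Return the extension used by at least `share` of the paths, else None
    (a single fixed suffix is what an -X style scan produces)."""
    ext, count = Counter(posixpath.splitext(p)[1] for p in paths).most_common(1)[0]
    return ext if ext and count / len(paths) >= share else None

def find_enumeration(lines, min_paths=20, min_miss_ratio=0.8):
    """Flag clients that requested many distinct paths, most of them 404.
    Thresholds are illustrative assumptions; tune them against real traffic."""
    seen, missed = defaultdict(set), defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, path, status = m.groups()
        path = path.split("?", 1)[0]  # ignore query strings
        seen[ip].add(path)
        if status == "404":
            missed[ip].add(path)
    flagged = {}
    for ip, paths in seen.items():
        ratio = len(missed[ip]) / len(paths)
        if len(paths) >= min_paths and ratio >= min_miss_ratio:
            flagged[ip] = (len(paths), round(ratio, 2), dominant_extension(paths))
    return flagged

def sample_log():
    """Constructed log lines (documentation-range IPs), not from a real server."""
    words = ("admin backup cgi-bin config css db dev docs files images img includes "
             "js lib login logs old private scripts server-status test tmp upload users").split()
    ts = "[10/Oct/2024:13:55:01 +0000]"
    lines = [f'203.0.113.7 - - {ts} "GET /{w}.html HTTP/1.1" '
             f'{"200 5120" if w == "login" else "404 153"}' for w in words]
    for path, status in [("/", 200), ("/index.html", 200), ("/css/site.css", 200), ("/favicon.ico", 404)]:
        lines.append(f'198.51.100.23 - - {ts} "GET {path} HTTP/1.1" {status} 512')
    return lines

if __name__ == "__main__":
    for ip, (n, ratio, ext) in find_enumeration(sample_log()).items():
        print(f"{ip}: {n} distinct paths, {ratio:.0%} not found, fixed extension: {ext}")
```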
