maurosoria/dirsearch

14,261 · Python · Audience: developer · Complexity: 2/5 · Setup: easy

TLDR

A command-line tool for security researchers that discovers hidden web pages and directories by systematically testing thousands of URL paths against a target site and reporting which ones respond.

Mindmap

mindmap
  root((repo))
    What it does
      Web path discovery
      URL brute forcing
      Security scanning
    Wordlists
      Built-in lists
      Custom lists
      Extension appending
    Output
      HTTP status codes
      CSV JSON XML
      Session resuming
    Options
      Concurrent requests
      Proxy support
      Auth support
      Rate limiting

Things people build with this

USE CASE 1

Run against a web target during a bug bounty engagement to discover admin panels, backup files, and exposed configuration paths.

USE CASE 2

Save scan results to CSV or JSON for a security report showing which hidden paths responded on a target site.

USE CASE 3

Resume an interrupted directory scan using session files to avoid retesting already-checked paths.

Tech stack

Python

Getting it running

Difficulty · easy · Time to first run · 5 min

Use only against systems you own or have explicit written permission to test. Installable via pip, Docker, or as a standalone binary.

In plain English

dirsearch is a command-line tool that discovers hidden pages, directories, and files on websites by testing a long list of common path names against a target. The process is sometimes called web path brute-forcing: the tool systematically requests URLs like /admin, /backup, /login.php, and thousands of others to see which ones return a real response rather than a 404 error. Security researchers and bug bounty hunters use it to find parts of a website that are accessible but not publicly linked.

The tool is driven by wordlists, which are plain text files where each line is a path to test. dirsearch ships with its own bundled wordlists organized into categories like common paths, configuration files, version control directories, backup files, and database files. You can also supply your own lists or combine multiple lists at once. File extension handling is flexible: you can tell the tool to append specific extensions like .php or .asp to each entry, overwrite existing extensions in the list, or test paths as-is.

On the output side, dirsearch reports which paths returned successful responses, along with HTTP status codes and response sizes. Results can be saved to plain text, CSV, JSON, XML, or Markdown files. It supports continuing an interrupted scan by saving and reloading a session file.

For speed and flexibility, dirsearch supports multiple concurrent requests, custom HTTP headers, proxy routing, Basic and Digest authentication, and pausing the scan on too many consecutive error responses. It can read target URLs from a file or from standard input, and accepts raw HTTP request files as an alternative to command-line flags.

The tool runs on Linux, Windows, and macOS and can be installed via pip, Docker, or as a standalone binary that requires no Python installation.

Copy-paste prompts

Prompt 1
Help me run dirsearch against a test website to find hidden admin pages, using a custom wordlist and filtering out 404 responses.
Prompt 2
Show me how to configure dirsearch to test PHP-specific paths by appending .php extensions to every wordlist entry.
Prompt 3
How do I route dirsearch traffic through Burp Suite as a proxy so I can inspect the requests it makes during a scan?
Prompt 4
How do I save dirsearch scan results to a JSON file and parse the output to list only paths that returned a 200 or 301 status?

Verify against the repo before relying on details.