DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.
git clone https://github.com/rly0nheart/DirBruter.git
cd DirBruter
pip install -r requirements.txt
sudo chmod +x dirBruter
Linux
dirBruter -u "http://testphp.vulnweb.com" -w DBwordlist.txt
Windows
python dirBruter -u "http://testphp.vulnweb.com" -w "DBwordlist.txt"
or
python3 dirBruter -u "http://testphp.vulnweb.com" -w "DBwordlist.txt"
| Option | Metavar | Description |
|---|---|---|
-t/--threads |
threads | number of threads (default is 1) |
-w/--wordlist |
wordlist | wordlist/path to wordlist file |
-o/--output |
filename | write found results to a file |
-e/--extensions |
extensions | extensions (e.g ".php,.html,.exe") |
-v/--verbose |
enable verbosity |
This Tool is made for educational purpose, and should not be used in environments without legal authorization. The author will not be responsible for any misuse of this toolkit.
dirBruter -h
If you are using default DBwordlist.txt then don't add any other extenstions.
Get the extensions wordlist from SecLists