DirDar v1.0
🏴☠️ bypass forbidden directories - find and identify dir listing - you can use it as directory brute-forcer as well
Share on Twitter!
Install
Run this command if you have Go installed and configured.
go get -u github.com/m4dm0e/dirdar
Or you can download a release.
To make it easier to execute you can put the binary in your $PATH
.
Tool screen:
Help&Flags
-threads int
Number of threads (Defaulf 40)
-err
If you want to show errors!(Includes 404 errors) [True-False]
-only-ok
Print out only OK (Bypassed and dir listing)
-single string
Only scan single target e.g (-single https://example.com/)
-t int
Set the timeout of the requests (default 10000)
-wl string
Forbidden directories WordList
Bugs found by DirDar: (Will share the write up ASAP)
- BackUp files at MTN Group (Triaged)
- OLD php scripts to SQLi at MTN Group (Triaged)
- OLD Files to information disclosure at BOSCH (Triaged)