🤓
TurvSec Wiki
  • 👨‍💻Who is Mr Turvey
  • Blogs and Notes
    • Techie Blogs
      • Troubleshooting Nessus
      • Bypassing CAPTCHA
      • How to Proxy Linux Traffic
    • Miscellaneous Blogs
      • PSD2 and Open Banking
      • Cheap Pen Testing
      • Top 10 Pen Testing Tools
      • Scoping Web Applications
  • Web App Testing
    • 🌍Content Discovery
      • 🔎Subdomain Enumeration
      • 📃Dir & Page Enumeration
    • 💉Injections
      • CSV Injection
    • 🕸️JSON WEB TOKENS
    • 🔏Testing SSL/TLS
    • 📮Testing APIs with POSTMAN
  • Offensive Security
    • 🎣Phishing with Evilginx2
    • 🔐WPA2 Cracking
  • Physical Security
    • 👨‍✈️Social Engineering
  • Tools
    • Burp2API - BurpSuite to JSON
    • allthewayback - Search Wayback
    • Thicc - Thick App Testing Aid
Powered by GitBook
On this page
  • dirsearch
  • Wordlists
  1. Web App Testing
  2. Content Discovery

Dir & Page Enumeration

Enumerating directories and pages with dirsearch

PreviousSubdomain EnumerationNextInjections

Last updated 2 years ago

When doing bug bounties or various types of assessment, you may want to find unknown pages and directories to find any flaws. To do this, start with their domain name, like google.com and then using the tool below, you can find any pages and directories .

dirsearch.py -u <URL> -x 404 -w /lists/SecLists/Discovery/Web-Content/<wordlist> -m POST

The -u flag is where you input the domain name

The -x flag exclude the given status codes. HTTP 404 is usually not interesting, so I exclude it.

The -w flag is where you provide a wordlist. Read the section below for more information on this.

The -m flag is used to specify the HTTP method. You may want to search for GET, PUT, POST, etc

Wordlists

You will need to use various known wordlists or create your own wordlist to be effective here. I like to use , as there is a wide range of good wordlists in this Github repository.

Here's some wordlists I typically use for enumeration with dirsearch:

  • SecLists/Discovery/Web-Content/common.txt

  • SecLists/Discovery/Web-Content/swagger.txt

  • SecLists/Discovery/Web-Content/quickhits.txt

  • SecLists/Discovery/Web-Content/dirsearch.txt

  • SecLists/Discovery/Web-Content/directory-list-2.3-medium.txt

🌍
📃
dirsearch
SecLists
dirsearch output.