Skip to content

wordlists.md

Latest commit

 

History

History
199 lines (143 loc) · 3.37 KB

wordlists.md

File metadata and controls

199 lines (143 loc) · 3.37 KB

Wordlists

Summary

  • A wordlist is a text file where each line is a path.
  • Unlike other tools, dirsearch only replaces the %EXT% keyword with extensions from the -e flag.
  • For wordlists without %EXT%, such as SecLists, use -f / --force-extensions to append extensions and / to every wordlist entry.
  • To apply selected extensions to entries that already have extensions, use --overwrite-extensions.
  • Some extensions are excluded from overwrite behavior, such as .log, .json, .xml, and media extensions like .jpg and .png.
  • Multiple wordlists can be separated with commas, for example wordlist1.txt,wordlist2.txt.
  • Bundled wordlist categories live in db/categories/ and can be selected with --wordlist-categories.
  • Wordlist generation uses --wordlist-backend=auto by default. python selects the built-in backend and native requires a native backend build.
  • Template wordlists live in db/templates/ and support placeholders.
  • Use --wordlist-status to preview resolved wordlist files and generated entry count before scanning.
  • Use --wordlist-max-size to cap generation.

Extensions

Normal extension replacement:

index.%EXT%

Passing asp and aspx as extensions generates:

index
index.asp
index.aspx

Force extensions:

admin

Passing php and html as extensions with -f / --force-extensions generates:

admin
admin.php
admin.html
admin/

Overwrite extensions:

login.html

Passing jsp and jspa as extensions with --overwrite-extensions generates:

login.html
login.jsp
login.jspa

Categories

Bundled wordlist categories are stored in db/categories/.

Available categories:

  • extensions
  • conf
  • vcs
  • backups
  • db
  • logs
  • keys
  • web
  • common

Use all to include everything:

python3 dirsearch.py -u https://target --wordlist-categories all

Templates

Template wordlists live in db/templates/ and support placeholders such as:

  • %SUBJECT%
  • %CRUD_OP%
  • %AUTH_OP%
  • %ADMIN_OP%
  • %ENV%
  • %DATE%
  • %API_VERSION%
  • %CATEGORY:name%
  • %EXT%

Preview resolved files and generated entry counts without scanning:

python3 dirsearch.py -u https://target --wordlist-status

Limit generated entries:

python3 dirsearch.py -u https://target --wordlist-max-size 500000

Prefixes and Suffixes

Use --prefixes to add custom prefixes to all entries:

python3 dirsearch.py -e php -u https://target --prefixes .,admin,_

Wordlist:

tools

Generated with prefixes:

tools
.tools
admintools
_tools

Use --suffixes to add custom suffixes to all entries:

python3 dirsearch.py -e php -u https://target --suffixes ~

Wordlist:

index.php
internal

Generated with suffixes:

index.php
internal
index.php~
internal~

Wordlist Formats

Supported transformations: lowercase, uppercase, and capitalization.

Lowercase:

admin
index.html

Uppercase:

ADMIN
INDEX.HTML

Capital:

Admin
Index.html

Exclude Extensions

Use --exclude-extensions with an extension list to remove all paths in the wordlist that contain the given extensions.

python3 dirsearch.py -u https://target --exclude-extensions jsp

Wordlist:

admin.php
test.jsp

After:

admin.php