Dirb Cheat Sheet
Classic web content scanner using wordlists to discover hidden directories and files.
Overview
Dirb performs HTTP(S) content brute forcing with built-in and custom wordlists. Slower than Go/Rust alternatives but ubiquitous on Kali and useful when you need a simple, predictable scanner without complex filters.
Authorized testing only. Generates sequential requests visible in logs. Use on in-scope web targets only.
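The overview notes that dirb's sequential wordlist requests are visible in server logs. The following Python detector is an added example (not part of the original cheat sheet or the dirb project): it parses constructed combined-format access log lines and flags any source that requests many distinct not-found paths within a short window, which is how a dirb run looks from the server side. The sample IPs, paths, window and threshold are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample access log (combined format); not real traffic. 198.51.100.7
# walks wordlist-style paths and collects 404s; 203.0.113.5 is ordinary browsing.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2024:12:00:01 +0000] "GET / HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Mar/2024:12:00:02 +0000] "GET /admin HTTP/1.1" 404 162 "-" "Mozilla/4.0"
198.51.100.7 - - [10/Mar/2024:12:00:02 +0000] "GET /backup HTTP/1.1" 404 162 "-" "Mozilla/4.0"
198.51.100.7 - - [10/Mar/2024:12:00:03 +0000] "GET /cgi-bin/ HTTP/1.1" 404 162 "-" "Mozilla/4.0"
198.51.100.7 - - [10/Mar/2024:12:00:03 +0000] "GET /config HTTP/1.1" 404 162 "-" "Mozilla/4.0"
198.51.100.7 - - [10/Mar/2024:12:00:04 +0000] "GET /db HTTP/1.1" 404 162 "-" "Mozilla/4.0"
198.51.100.7 - - [10/Mar/2024:12:00:05 +0000] "GET /images HTTP/1.1" 404 162 "-" "Mozilla/4.0"
203.0.113.5 - - [10/Mar/2024:12:00:06 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)


def parse_line(line):
    # Parse one combined-format line into a dict, or return None if it does not match.
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    return rec


def detect_bruteforce(log_text, window_s=60, min_misses=5):
    """Return {ip: total distinct 404 paths} for each source that requested at least
    min_misses distinct not-found paths within some window_s-second span."""
    window = timedelta(seconds=window_s)
    misses = defaultdict(list)  # ip -> [(timestamp, path), ...]
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["status"] == 404:
            misses[rec["ip"]].append((rec["ts"], rec["path"]))
    flagged = {}
    for ip, hits in misses.items():
        hits.sort()  # chronological, so each start anchors a forward-looking window
        for i, (start, _) in enumerate(hits):
            in_window = {path for ts, path in hits[i:] if ts - start <= window}
            if len(in_window) >= min_misses:
                flagged[ip] = len({path for _, path in hits})
                break
    return flagged
```

A single stray 404 such as a missing favicon never trips the threshold; raise window_s when a scanner is slowed with -z.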
Install
sudo apt install -y dirb
dirb
Essential commands
Default wordlist
dirb https://target.example.com
Custom wordlist
dirb https://target.example.com /usr/share/wordlists/dirb/common.txt
Extensions
dirb https://target.example.com wordlist.txt -X .php,.html,.txt
Save output
dirb https://target.example.com -o dirb_results.txt
Common workflows
Authenticated scan —
dirb https://target.example.com /usr/share/wordlists/dirb/common.txt -c "sessionid=VALUE"
Proxy and ignore responses —
dirb https://target.example.com -p 127.0.0.1:8080
dirb https://target.example.com -N 404
Case-insensitive and non-recursive —
dirb https://target.example.com -i -r
Don't stop on warnings and save report —
dirb https://target.example.com -w -o report.txt
Flags reference
| Flag | Description |
|---|---|
| -w | Don't stop on warnings |
| -o | Output file |
| -X | Extensions (.asp,.php) |
| -c | Cookie string |
| -p | Proxy host:port |
| -u | User-Agent |
| -H | Extra header |
| -N | Ignore HTTP code |
| -i | Case-insensitive |
| -r | Non-recursive |
| -z | Millisecond delay |
| -S | Silent (no extra colors) |
Tips
- Wordlists live in /usr/share/wordlists/dirb/—pair common.txt with big.txt for depth.
- No built-in recursive mode like feroxbuster—script recursion or switch tools.
- For wildcard 404 sites, dirb struggles; use ffuf with size filters.
- Still valuable for quick checks on CTF and lab boxes.