DIR-Fuzz: A Powerful Directory Brute-Forcing Tool for Web Servers 🔍

Download the latest release

Table of Contents

1. Introduction
2. Features
3. Installation
4. Usage
5. Customization
6. Contributing
7. License
8. Contact

---

Introduction

DIR-Fuzz is a robust tool designed for security researchers and web developers. It helps uncover hidden files and directories on web servers through directory brute-forcing. With customizable wordlists and various HTTP request options, DIR-Fuzz makes it easy to find vulnerabilities and enhance web security.

For the latest version, please download it here.

Features

• Customizable Wordlists: Use your own wordlists or choose from a variety of built-in options.
• Multiple HTTP Methods: Supports GET, POST, and more, allowing for flexible requests.
• Verbose Output: Get detailed logs of the scanning process for better analysis.
• User-Friendly Interface: Simple command-line interface for ease of use.
• Fast and Efficient: Optimized for speed, allowing for quick scans without sacrificing accuracy.
• Cross-Platform: Works on Windows, macOS, and Linux.
• Open Source: Free to use and modify under the MIT License.

Installation

To install DIR-Fuzz, follow these steps:

1. Clone the Repository: Open your terminal and run the following command:

   git clone https://github.com/fakhrifnnn/DIR-Fuzz.git

2. Navigate to the Directory:

   cd DIR-Fuzz

3. Install Dependencies: Make sure you have Python 3 installed. Then, run:

   pip install -r requirements.txt

4. Run the Tool: After installation, you can start using DIR-Fuzz right away.

Usage

Using DIR-Fuzz is straightforward. Here’s a basic command to get you started:

python dir_fuzz.py -u <target_url> -w <wordlist_path>

Command Options

• -u or --url: Specify the target URL.
• -w or --wordlist: Provide the path to your wordlist file.
• -m or --method: Choose the HTTP method (GET, POST, etc.).
• -v or --verbose: Enable verbose output for detailed logs.

Example

Here’s an example of how to run DIR-Fuzz:

python dir_fuzz.py -u https://example.com -w wordlist.txt -m GET -v

This command will scan https://example.com using the specified wordlist with GET requests and provide verbose output.

Customization

You can customize DIR-Fuzz to suit your needs:

• Wordlists: Create your own wordlists or modify existing ones to target specific directories.
• HTTP Headers: Add custom headers to your requests for better control over the scanning process.
• Timeout Settings: Adjust timeout settings to handle slow responses from the server.

Adding Custom Headers

To add custom headers, use the -H option:

python dir_fuzz.py -u https://example.com -w wordlist.txt -H "User-Agent: MyCustomUserAgent"

Timeout Settings

To set a timeout, use the --timeout option:

python dir_fuzz.py -u https://example.com -w wordlist.txt --timeout 5

Contributing

We welcome contributions! If you want to help improve DIR-Fuzz, please follow these steps:

1. Fork the Repository: Click the "Fork" button on the top right of the repository page.

2. Create a New Branch:

   git checkout -b feature/YourFeature

3. Make Your Changes: Implement your feature or fix a bug.

4. Commit Your Changes:

   git commit -m "Add Your Feature"

5. Push to Your Fork:

   git push origin feature/YourFeature

6. Create a Pull Request: Go to the original repository and submit a pull request.

License

DIR-Fuzz is licensed under the MIT License. See the LICENSE file for more details.

Contact

For questions or feedback, feel free to reach out:

• Email: your.email@example.com
• Twitter: @your_twitter_handle

For the latest releases, please visit this link.

---

Thank you for using DIR-Fuzz! Happy scanning!