`Dirb` is another directory and file brute-forcing tool, similar to `gobuster`. Here’s how you can use `dirb` with some examples:
1. Basic Directory Scanning:
dirb http://example.com
This command will scan the given URL for directories using the default wordlist.
2. Specify a Wordlist:
dirb http://example.com /path/to/wordlist.txt
Use a custom wordlist file for directory scanning.
3. Recursive Directory Scanning:
dirb http://example.com -r
The `-r` flag enables recursive directory scanning, which is useful for finding nested directories.
4. Custom User-Agent:
dirb http://example.com -a “Mozilla/5.0”
Set a custom User-Agent string when making requests using the `-a` flag.
5. Custom Extentions:
dirb http://example.com -X .php,.html,.txt
This command scans for directories and includes only files with the specified extensions.
6. Specify Output File:
dirb http://example.com /path/to/wordlist.txt -o results.txt
Save the scan results to a file with the `-o` flag.
7. Exclude Response Codes:
dirb http://example.com -N 404,403
Exclude specific response codes (e.g., 404 and 403) from the results using the `-N` flag.
8. Cookie Usage:
dirb http://example.com -c “cookie=example”
Use cookies in your requests with the `-c` flag.
Remember to replace `http://example.com` with the target URL and `/path/to/wordlist.txt` with the path to your wordlist file. As with any web scanning tool, ensure that you have proper authorization to perform directory and file brute-forcing on the target system, as unauthorized activities may be illegal and unethical.