Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/M4DM0e/DirDar

DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it
https://github.com/M4DM0e/DirDar

bug-bounty bugcrowd bypass dir-listing forbiddens golang hackerone hacking pentest

Last synced: 26 days ago
JSON representation

DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it

Host: GitHub
URL: https://github.com/M4DM0e/DirDar
Owner: M4DM0e
Created: 2021-01-03T20:38:07.000Z (almost 4 years ago)
Default Branch: main
Last Pushed: 2024-01-09T03:23:20.000Z (11 months ago)
Last Synced: 2024-08-03T14:06:26.139Z (4 months ago)
Topics: bug-bounty, bugcrowd, bypass, dir-listing, forbiddens, golang, hackerone, hacking, pentest
Language: Go
Homepage:
Size: 1.38 MB
Stars: 444
Watchers: 6
Forks: 96
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

WebHackersWeapons - DirDar - Forbidden) directories to break it and get dir listing on it|![](https://img.shields.io/github/stars/M4DM0e/DirDar?label=%20)|[`403`](/categorize/tags/403.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)| (Weapons / Tools)
awesome-hacking-lists - M4DM0e/DirDar - DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it (Go)

README

        # DirDar v1.0

  

## Description

🏴‍☠️ bypass forbidden directories - find and identify dir listing - you can use it as directory brute-forcer as well


### Compatabily

This tool is compatible with all kind of operating systems as long as you have GO compiler installed

## Install

You can use this command if you have Go installed and configured.

```

go get -u github.com/m4dm0e/dirdar

```

Or you can [download a release](https://github.com/m4dm0e/dirdar/releases).

To make it easier to execute you can put the directory to the binary in your environment variable `%PATH%`.



    

  


  

  Share on Twitter!

  

  



  








## Tool screen:

* Linux

  

* Windows

  

  

  

## Help&Flags

```

  -threads int

    	Number of threads (Defaulf 40)

  -err

    	If you want to show errors!(Includes 404 errors) [True-False]

  -only-ok

    	Print out only OK (Bypassed and dir listing) 

  -single string

    	Only scan single target e.g (-single https://example.com/)

  -t int

    	Set the timeout of the requests (default 10000)

  -wl string

    	Forbidden directories WordList

```

* Screenshot

  

## Bugs found by DirDar: (Will share the write up ASAP)

* BackUp files at [MTN Group](https://hackerone.com/mtn_group?type=team) (Triaged)

* OLD php scripts to SQLi at [MTN Group](https://hackerone.com/mtn_group?type=team) (Triaged)

* OLD Files to information disclosure at [BOSCH](http://psirt.bosch.com/) (Triaged)

## Review:

[![asciicast](https://asciinema.org/a/391851.svg)](https://asciinema.org/a/391851)