https://github.com/mycode83/godirb
Fast and easy-to-use directory brute-forcer written in Go.
https://github.com/mycode83/godirb
brute bruteforce ctf cybersecurity dir-bruteforce dirbrute dirbuster fuzzing go pentesting redteam ux
Last synced: 1 day ago
JSON representation
Fast and easy-to-use directory brute-forcer written in Go.
- Host: GitHub
- URL: https://github.com/mycode83/godirb
- Owner: MyCode83
- License: mit
- Created: 2026-05-09T21:09:57.000Z (about 2 months ago)
- Default Branch: main
- Last Pushed: 2026-06-25T12:50:45.000Z (8 days ago)
- Last Synced: 2026-06-25T14:18:01.839Z (8 days ago)
- Topics: brute, bruteforce, ctf, cybersecurity, dir-bruteforce, dirbrute, dirbuster, fuzzing, go, pentesting, redteam, ux
- Language: Go
- Homepage:
- Size: 27.5 MB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
Awesome Lists containing this project
README
# godirb
**Fast, modern recursive directory and file brute-forcer written in Go.**
Built for quick scans where you want a modern dirb-like tool: run it, get useful results, tune the obvious flags, and avoid dragging a full fuzzing framework into a simple job.




## 📦 Installation
### Go
```bash
go install github.com/MyCode83/godirb@latest
```
### Binary
Download the latest release for your platform from the
**Releases** page and add it to your `PATH`.
---
## 🚀 Quick Start
Basic scan
```bash
godirb -u https://example.com
```
Recursive
```bash
godirb -u https://example.com -r
```
Custom wordlist
```bash
godirb -u https://example.com -w paths.txt
```
JSON output
```bash
godirb -u https://example.com --json -o results.json
```
---
## ✨ Why godirb?
godirb is designed for the common case: you want to enumerate directories and files quickly, without configuring a large fuzzing framework.
### Highlights
- ⚡ Fast native Go binary
- 📦 Single executable
- 📚 Embedded wordlists
- 🔄 Recursive scanning
- 📂 Directory and file discovery
- 🎯 Wildcard detection
- 🌐 Port fuzzing (`http://host:FUZZ`)
- 📄 JSON & CSV output
- 🧩 Simple CLI
---
## 📊 godirb vs DirSearch
DirSearch is a mature and feature-rich web path scanner.
godirb intentionally focuses on the most common workflow: install, run and get useful results with minimal setup.
| Feature | godirb | DirSearch |
| :--- | :---: | :---: |
| Find files and folders | ✅ | ✅ |
| Recursive scan | ✅ | ✅ |
| Custom wordlists | ✅ | ✅ |
| Written in Go | ✅ | ❌ |
| Single binary | ✅ | ❌ |
| Embedded default wordlists | ✅ | ❌ |
| Works without runtime wordlist files | ✅ | ❌ |
| Port fuzzing (`http://host:FUZZ`) | ✅ | ❌ |
---
## 📦 Features
### Scanning
- Directory and file brute-forcing
- Recursive mode (`-r`, `--recursive`)
- Extensions (`-x`, `--ext`)
- Custom wordlists (`-w`, `--wordlist`)
- FUZZ placeholder mode
### Embedded Wordlists
- small
- common
- medium *(default)*
- big
- ports
- payloads
- xss
- lfi
### Output
- Standard text
- Quiet mode
- JSON
- CSV
- File output
### Control
- Threads (`-t`, `--threads`)
- Ignore status codes (`-i`, `--ignore`)
- Default ignored codes: `404,400,405,408`
- Wildcard detection
---
## 💻 Examples
Basic scan
```bash
godirb -u https://example.com
```
Recursive
```bash
godirb -u https://example.com -r
```
Custom wordlist
```bash
godirb -u https://example.com -w paths.txt
```
Extensions
```bash
godirb -u https://example.com -x php,txt,bak
```
FUZZ parameter
```bash
godirb -u "https://example.com/search?q=FUZZ" -w payloads
```
Port fuzzing
```bash
godirb -u https://example.com:FUZZ
```
Export JSON
```bash
godirb -u https://example.com --json -o results.json
```
Export CSV
```bash
godirb -u https://example.com --csv -o results.csv
```
---
## 📋 Example Output
```text
[DIR] https://example.com/admin ---> 200 | 1234
[FILE] https://example.com/login.php ---> 200 | 842
[DIR] https://example.com/uploads ---> 403 | 795
```
---
📖 Embedded wordlists
| Name | Purpose |
|------|---------|
| small | Tiny scans |
| common | common.txt from SecLists |
| medium | Default |
| big | Larger enumeration |
| ports | Port fuzzing |
| payloads | Generic payloads |
| xss | XSS payloads |
| lfi | LFI payloads |
---
## ⚠️ Disclaimer
Use **godirb** only for authorized security testing, labs and CTFs.
You are responsible for obtaining permission before scanning any target.
---
## 📄 License
Licensed under the **MIT License**. See **LICENSE** for details.