The “dirb” command in Linux is a command-line tool used for web application directory enumeration. It is commonly used to discover hidden files and directories on a web server by brute forcing the directory names. The tool works by sending HTTP requests to a web server with a list of directory names and analyzing the responses to determine if the directories exist.
The basic syntax of the command is:
# dirb URL [wordlist] [options]
where:
URL is the target web server
wordlist is a file containing a list of directory names to try
options are various switches to customize the behavior of the tool
For example, “dirb http://example.com /usr/share/dirb/wordlists/common.txt” will perform directory enumeration on the target “example.com” using the common.txt wordlist.
dirb Command Examples
1. Scan a webserver using the default wordlist:
# dirb https://example.org
2. Scan a webserver using a custom wordlist:
# dirb https://example.org path/to/wordlist.txt
3. Scan a webserver non-recursively:
# dirb https://example.org -r
4. Scan a webserver using a specified user-agent and cookie for HTTP-requests:
# dirb https://example.org -a user_agent_string -c cookie_string
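On the server side, the request pattern described above (many wordlist-derived paths, most of which do not exist) shows up in access logs. The following is an added example, not part of the original page or of dirb itself: it assumes Combined Log Format, uses hypothetical thresholds and a constructed sample log, and keys on the per-client ratio of 404 responses rather than the User-Agent, since the -a option lets the client send any User-Agent string.

```python
import re
from collections import defaultdict

# Combined Log Format: client, identity, user, [time], "request line", status, size, ...
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_enumeration(lines, min_requests=8, min_miss_ratio=0.8):
    """Return {client_ip: (requests, distinct_paths, miss_ratio)} for clients whose
    traffic looks like wordlist-driven directory enumeration (thresholds are assumptions)."""
    paths = defaultdict(set)
    total = defaultdict(int)
    misses = defaultdict(int)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than guessing at their fields
        ip = m["ip"]
        total[ip] += 1
        paths[ip].add(m["path"])
        if m["status"] == "404":
            misses[ip] += 1
    flagged = {}
    for ip, n in total.items():
        ratio = misses[ip] / n
        # Many distinct paths, most of them missing: characteristic of a wordlist scan.
        if n >= min_requests and len(paths[ip]) >= min_requests and ratio >= min_miss_ratio:
            flagged[ip] = (n, len(paths[ip]), round(ratio, 2))
    return flagged

def sample_log():
    # Constructed sample: 203.0.113.7 walks a wordlist, 198.51.100.4 browses normally.
    words = ["admin", "backup", "cgi-bin", "config", "db", "images", "old", "private", "test", "tmp"]
    existing = {"images"}
    scan = [
        f'203.0.113.7 - - [01/Jan/2024:10:00:{i:02d} +0000] "GET /{w} HTTP/1.1" '
        f'{200 if w in existing else 404} 512 "-" "Mozilla/5.0"'
        for i, w in enumerate(words)
    ]
    pages = [("/", 200), ("/about", 200), ("/contact", 200), ("/favicon.ico", 404)]
    normal = [
        f'198.51.100.4 - - [01/Jan/2024:10:01:{i:02d} +0000] "GET {p} HTTP/1.1" {s} 1024 "-" "Mozilla/5.0"'
        for i, (p, s) in enumerate(pages)
    ]
    return scan + normal

if __name__ == "__main__":
    for ip, stats in find_enumeration(sample_log()).items():
        print(ip, stats)
```

In production the counts would be computed per time window, and the thresholds tuned against the site's normal 404 rate.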