DeepSearch is a simple command line tool for bruteforce directories and files in websites.
Installation
$ git clone https://github.com/m4ll0k/DeepSearch.git deepsearch
$ cd deepsearch
$ pip3 install requests
$ python3 deepsearch.py
Screenshots
Usage
Basic:
python3 deepsearch.py -u http://testphp.vulnweb.com/ -e php -w wordlist.txt
Force extension for every wordlist entry (support one extension):
python3 deepsearch.py -u http://testphp.vulnweb.com/ -e php -w wordlist.txt -f
Make a request by hostname (ip):
python3 deepsearch.py -u http://testphp.vulnweb.com/ -e php -w wordlist.txt -b
Force lowercase for every wordlist entry:
python3 deepsearch.py -u http://testphp.vulnweb.com/ -e php -w wordlist.txt -l
Force uppercase for every wordlist entry:
python3 deepsearch.py -u http://testphp.vulnweb.com/ -e php -w wordlist.txt -p
Show only status code separated by comma:
python3 deepsearch.py -u http://testphp.vulnweb.com/ -e php -w wordlist.txt -o 200,301,302
Exclude status code separated by comma:
python3 deepsearch.py -u http://testphp.vulnweb.com/ -e php -w wordlist.txt -x 501,502,503,401
URL Injection Point (%word%):
python3 deepsearch.py -u http://testphp.vulnweb.com/test%1%.php -e php -w wordlist.txt
URL Injection Point (%%):
python3 deepsearch.py -u http://testphp.vulnweb.com/id/%1%/index.html -e php -w wordlist.txt
URL Parameters Injection:
python3 deepsearch.py -u http://testphp.vulnweb.com/index.php?id=%2%&user=1 -e php -w wordlist.txt
python3 deepsearch.py -u http://testphp.vulnweb.com/index.php?%id%=1&user=2 -e php -w wordlist.txt
Add Headers:
python3 deepsearch.py -u http://testphp.vulnweb.com/ -e php -w wordlist.txt -H "Content-Type:text/html\nETag:1234"
Proxy:
python3 deepsearch.py -u http://testphp.vulnweb.com/ -e php -w wordlist.txt -P 127.0.0.1:8080
URLs by list:
python3 deepsearch.py -U my_urls.txt -e php -w wordlist.txt
Other Options:
python3 deepsearch.py -u http://testphp.vulnweb.com/ -e php -w wordlist.txt -t 10 -T 3 -d 2 -R -c "test=test" --random-agent