Brute Force on the Web server by “dirb”

Auntor Acharja
2 min readOct 9, 2020

DIRB is a Web Content Scanner. It mainly used for a dictionary-based attack against a web server. If we want to brute force to get a directory/Page from web server then this tools is very helpful.DIRB main purpose is to help in professional web application auditing, especially in security-related testing. It is a pre-define tool on Kali Linux. In the dirb folder( /usr/share/wordlists/dirb ) we also get some wordlist and we can also use our own wordlist.

In this blog, I am using this my OWASP machine IP address: 192.168.126.131

Step1: execute dirb in a terminal

Step2:

To start a brute force first select a wordlist, for me I select a wordlist from dirb and this is common.txt.

Then execute this command:

Formatting: dirb http://IpAddress wordlistLocation

Command:

dirb http://192.168.126.131 /usr/share/wordlists/dirb/common.txt

CODE 200 means get a directory/Page

--

--