DIRB is a Web Content Scanner. It looks for existing (and/or hidden) Web
Objects. It basically works by launching a dictionary based attack against
a web server and analizing the response.
DIRB comes with a set of preconfigured attack wordlists for easy usage, but
you can use your custom wordlists. Also DIRB sometimes can be used as a
classic CGI scanner, but remember it is a content scanner not a vulnerability
DIRB's main purpose is to help in professional web application auditing,
especially in security related testing. It covers some holes not covered by
classic web vulnerability scanners. DIRB looks for specific web objects that
other generic CGI scanners can't look for. It doesn't search vulnerabilities
nor does it look for web contents that can be vulnerable.
Maybe the last try for an unlucky security analyst... :)