A tool used tobrute-forceURIs (directories and files), DNS subdomains and virtual host names.
π΅ Modules
GoBuster has a couple of modules and each module has its own flags :
dir# uses directory/file enumeration modedns# uses dns subdomain enumeration modefuzz# uses fuzzing modehelp# help about any commands3# uses aws bucket enumeration modeversion# shows the current versionvhost# uses vhost enumeration mode
π³οΈ Flags
--delay<duration># Time each thread waits between requests (e.g. 1500ms)-h# help for gobuster--no-error# Don't display errors-z# Don't display progress-o<string># Output file to write results-p<string># File containing replacement patterns-q# Don't print the banner and other noise-t<int># Number of concurrent threads (default 10)-v# Verbose output (errors)-w<string># Path to the wordlist
Examples
# discover txt,html,js,json,php,py filesgobuster dir -u http://0.0.0.0 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x txt,html,js,json,php,py
# exclude 403,404 codesgobusterdir-uhttp://0.0.0.0-w/usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt-b403404# discover 0.0.0.0 subdomains gobusterdns-dhttp://0.0.0.0-w/usr/share/SecLists/Discovery/DNS/namelist.txt# discover txt,html,js,json,php,py files using a proxy connectiongobuster dir -u http://0.0.0.0 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x txt,html,js,json,php,py --proxy http://127.0.0.1:8081
Feroxbuster
A simple, fast,recursivecontent discovery tool written in Rust.
# search for directories & put 404 responses awaywfuzz-w/usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt--hc404http://0.0.0.0/FUZZ# search for php fileswfuzz-wwordlist/general/common.txthttp://0.0.0.0/FUZZ.php# use 2 wordlists for user & pass & put 302 responses awaywfuzz-zfile,/usr/share/wordlists/rockyou.txt-d"uname=FUZZ&pass=FUZZ"--hc302http://0.0.0.0/userinfo.php
