🛠️ Gobuster
Installation
sudo apt install gobusterCore Modes
This defines what you are brute-forcing.
| Mode | Description |
|---|---|
dir | Directories |
dns | Subdomains |
vhost | Virtual hosts (one IP hosts multiple sites) |
s3 | Public Amazon S3 buckets |
fuzz | Generic fuzzing mode |
Common Commands
- Directory Brute-Forcing
gobuster dir -u <target_URL> -w ~/Downloads/SecLists/Discovery/Web-Content/raft-small-directories-lowercase.txt- Search for Specific File Extensions (
.html,.php,.bak,.txt,…)
gobuster dir -u <target_URL> -w ~/Downloads/SecLists/Discovery/Web-Content/raft-small-directories-lowercase.txt -x php,html,txt,bak- Fuzzing for subdomains
gobuster dns -d example.com -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt- Fuzzing for virtual hosts
gobuster vhost -u <target_URL> -w ~/Downloads/SecLists/Discovery/DNS/bitquark-subdomains-top100000.txt --append-domain- Speeding up
gobuster dir -u <target_URL> -w ~/Downloads/SecLists/Discovery/Web-Content/raft-small-directories-lowercase.txt -t 50- Quiet Mode Omit banner and progress bar then pipe the output to a file.
gobuster dir -u <target_URL> -w ~/Downloads/SecLists/Discovery/Web-Content/raft-small-directories-lowercase.txt -q > found_dirs.txt- Handling SSL/TLS issues Used when the target has an expired or self-signed certificate.
gobuster dir -u <target_URL> -w ~/Downloads/SecLists/Discovery/Web-Content/raft-small-directories-lowercase.txt -kRelated Usage
TABLE creation_date AS "Created"
FROM "05 - Content"
WHERE contains(tools, this.file.link) AND contains(tags, "🚩")
SORT file.name ASC