Installation
sudo apt install gobuster
Core Modes
This defines what you are brute-forcing.
| Mode | Description |
|---|
dir | Directories |
dns | Subdomains |
vhost | Virtual hosts (one IP hosts multiple sites) |
s3 | Public Amazon S3 buckets |
fuzz | Generic fuzzing mode |
Common Commands
- Directory Brute-Forcing
gobuster dir -u <target_URL> -w ~/Downloads/SecLists/Discovery/Web-Content/raft-small-directories-lowercase.txt
- Search for Specific File Extensions (
.html, .php, .bak, .txt,…)
gobuster dir -u <target_URL> -w ~/Downloads/SecLists/Discovery/Web-Content/raft-small-directories-lowercase.txt -x php,html,txt,bak
- Fuzzing for subdomains
gobuster dns -d example.com -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
- Fuzzing for virtual hosts
gobuster vhost -u <target_URL> -w ~/Downloads/SecLists/Discovery/DNS/bitquark-subdomains-top100000.txt --append-domain
- Speeding up
gobuster dir -u <target_URL> -w ~/Downloads/SecLists/Discovery/Web-Content/raft-small-directories-lowercase.txt -t 50
- Quiet Mode
Omit banner and progress bar then pipe the output to a file.
gobuster dir -u <target_URL> -w ~/Downloads/SecLists/Discovery/Web-Content/raft-small-directories-lowercase.txt -q > found_dirs.txt
- Handling SSL/TLS issues
Used when the target has an expired or self-signed certificate.
gobuster dir -u <target_URL> -w ~/Downloads/SecLists/Discovery/Web-Content/raft-small-directories-lowercase.txt -k