❯ RedSquad

Gobuster

2 min read

************************## Gobuster Overview

Gobuster is a robust and versatile tool designed for brute-forcing URIs (directories and files), DNS subdomains, and virtual host names. It is widely used by security professionals for web application testing and reconnaissance. For this guide, the focus will be on using Gobuster to brute-force directories.

Key Features

  • Brute-force directories and files.
  • Enumerate DNS subdomains.
  • Fuzzing capabilities.
  • AWS S3 bucket enumeration.
  • Virtual host enumeration.

Modules

Gobuster includes several modules, each targeting different types of enumeration:

dir    # Uses directory/file enumeration mode
dns    # Uses DNS subdomain enumeration mode
fuzz   # Uses fuzzing mode
help   # Help about any command
s3     # Uses AWS bucket enumeration mode
version # Shows the current version
vhost  # Uses virtual host enumeration mode

Flags

Gobuster offers a variety of global flags for customization and output control:

--delay <duration>       # Time each thread waits between requests (e.g., 1500ms)
-h, --help               # Help for gobuster
    --no-error           # Don't display errors
-z, --no-progress        # Don't display progress
-o, --output <string>    # Output file to write results
-p, --pattern <string>   # File containing replacement patterns
-q, --quiet              # Don't print the banner and other noise
-t, --threads <int>      # Number of concurrent threads (default 10)
-v, --verbose            # Verbose output (errors)
-w, --wordlist <string>  # Path to the wordlist

Examples

Directory Enumeration with Wordlist Selection

gobuster dir -w `fzf-wordlists` -u http://0.0.0.0
  • Prompts for wordlist selection using fzf-wordlists.

Directory Enumeration with Specified File Extensions

gobuster dir -u http://0.0.0.0 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x txt,html,js,json,php,py
  • -x txt,html,js,json,php,py: Specifies the file extensions to search for.

Directory Enumeration Ignoring Specific Status Codes

gobuster dir -u http://0.0.0.0 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -d 403 404
  • -d 403 404: Ignores HTTP status codes 403 and 404.

DNS Subdomain Enumeration

gobuster dns -d http://0.0.0.0 -w /usr/share/SecLists/Discovery/DNS/namelist.txt
  • Uses the DNS module with a specified wordlist for subdomain enumeration.

Directory Enumeration with Proxy

gobuster dir -u http://0.0.0.0 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x txt,html,js,json,php,py --proxy http://127.0.0.1:8081
  • Uses a proxy for the requests.