gobuster

Brute-forces hidden paths on web servers and more.

TLDR

Discover directories and files that match in the wordlist

$ gobuster dir --url [https://example.com/] --wordlist [path/to/file]
copy


Discover subdomains
$ gobuster dns --domain [example.com] --wordlist [path/to/file]
copy


Discover Amazon S3 buckets
$ gobuster s3 --wordlist [path/to/file]
copy


Discover other virtual hosts on the server
$ gobuster vhost --url [https://example.com/] --wordlist [path/to/file]
copy


Fuzz the value of a parameter
$ gobuster fuzz --url [https://example.com/?parameter=FUZZ] --wordlist [path/to/file]
copy


Fuzz the name of a parameter
$ gobuster fuzz --url [https://example.com/?FUZZ=value] --wordlist [path/to/file]
copy

DESCRIPTION

-P string

Password for Basic Auth (dir mode only)

-U string

Username for Basic Auth (dir mode only)

-a string

Set the User-Agent string (dir mode only)

-c string

Cookies to use for the requests (dir mode only)

-cn

Show CNAME records (dns mode only, cannot be used with '-i' option)

-e

Expanded mode, print full URLs

-f

Append a forward-slash to each directory request (dir mode only)

-fw

Force continued operation when wildcard found

-i

Show IP addresses (dns mode only)

-k

Skip SSL certificate verification

-l

Include the length of the body in the output (dir mode only)

-m string

Directory/File mode (dir) or DNS mode (dns) (default "dir")

-n

Don't print status codes

-o string

Output file to write results to (defaults to stdout)

-p string

Proxy to use for requests [http(s)://host:port] (dir mode only)

-q

Don't print the banner and other noise

-r

Follow redirects

-s string

Positive status codes (dir mode only) (default "200,204,301,302,307")

-t int

Number of concurrent threads (default 10)

-u string

The target URL or Domain

-v

Verbose output (errors)

-w string

Path to the wordlist

-x string

File extension(s) to search for (dir mode only)

Copied to clipboard