gobuster

Brute-forces hidden paths on web servers and more.

TLDR

Discover directories and files that match in the wordlist

$ gobuster dir --url [https://example.com/] --wordlist [path/to/file]
copy

Discover subdomains

$ gobuster dns --domain [example.com] --wordlist [path/to/file]
copy

Discover Amazon S3 buckets

$ gobuster s3 --wordlist [path/to/file]
copy

Discover other virtual hosts on the server

$ gobuster vhost --url [https://example.com/] --wordlist [path/to/file]
copy

Fuzz the value of a parameter

$ gobuster fuzz --url [https://example.com/?parameter=FUZZ] --wordlist [path/to/file]
copy

Fuzz the name of a parameter

$ gobuster fuzz --url [https://example.com/?FUZZ=value] --wordlist [path/to/file]
copy

Copied to clipboard
Stream 500+ movies for free and without signup