Brute-forces hidden paths on web servers and more.


Discover directories and files that match in the wordlist

$ gobuster dir --url [] --wordlist [path/to/file]

Discover subdomains
$ gobuster dns --domain [] --wordlist [path/to/file]

Discover Amazon S3 buckets
$ gobuster s3 --wordlist [path/to/file]

Discover other virtual hosts on the server
$ gobuster vhost --url [] --wordlist [path/to/file]

Fuzz the value of a parameter
$ gobuster fuzz --url [] --wordlist [path/to/file]

Fuzz the name of a parameter
$ gobuster fuzz --url [] --wordlist [path/to/file]


-P string

Password for Basic Auth (dir mode only)

-U string

Username for Basic Auth (dir mode only)

-a string

Set the User-Agent string (dir mode only)

-c string

Cookies to use for the requests (dir mode only)


Show CNAME records (dns mode only, cannot be used with '-i' option)


Expanded mode, print full URLs


Append a forward-slash to each directory request (dir mode only)


Force continued operation when wildcard found


Show IP addresses (dns mode only)


Skip SSL certificate verification


Include the length of the body in the output (dir mode only)

-m string

Directory/File mode (dir) or DNS mode (dns) (default "dir")


Don't print status codes

-o string

Output file to write results to (defaults to stdout)

-p string

Proxy to use for requests [http(s)://host:port] (dir mode only)


Don't print the banner and other noise


Follow redirects

-s string

Positive status codes (dir mode only) (default "200,204,301,302,307")

-t int

Number of concurrent threads (default 10)

-u string

The target URL or Domain


Verbose output (errors)

-w string

Path to the wordlist

-x string

File extension(s) to search for (dir mode only)

Copied to clipboard