Directory/Content Discovery | Imran's Red Team Notes

Directory/Content Discovery - Gobuster / Dirbuster

Find hidden directories and file on a web server.

gobuster dir -u http://<target>/ -w /path/to/wordlists/common.txt -x php,html,txt -t 50 -o name_of_file.txt

Standard directory brute force using a custom wordlist and extension; high threat count for speed.

gobuster dir -u http://<target>/ -w /usr/share/wordlists/dirbuster/directory-list-2.3-name_of_file.txt -x php,html

Alterative common list for directories.

gobuster vhost -u http://<target>/ -w /path/to/vhosts.txt -o name_of_file.txt

Virtual host discovery (if host header-based vhosts exist).

gobuster dns -d example.com -w /path/to/subdomains.txt -o name_of_file.txt

DNS subdomain brute forcing (requires DNS resolution and proper wordlist).

ffuf -u http://<target>/FUZZ -w /path/to/wordlist -e .php,.txt,.html -o name_of_file.json

Alterative to Gobuster with flexible output (fast fuzzing).