Gobuster | Imran's Red Team Notes

Gobuster Commands

Directory Brute-Forcing

gobuster dir -u http://target.com -w /usr/share/wordlists/example.txt

Scans for hidden directories/files on the target site.

gobuster dir -u http://target.com -w usr/share/wordlists/example.txt -x php,html,txt

Specify File Extension Adds extensions to check (e.g., .php, .html, .txt).

gobuster dir -u https://target.com -w usr/share/wordlists/example.txt

Works the same, but for HTTPS sites.

DNS Subdomain Enumeration

gobuster dns -d target.com -w usr/share/wordlists/example.txt

DNS Subdomain Enumeration Finds subdomains of a domain.

gobuster vhost -u http://target.com -w usr/share/wordlists/example.txt

VHost (Virtual Host) Enumeration Detects hidden virtual hosts.

gobuster dir -u http://target.com -w usr/share/wordlists/example.txt -t 50

Threats for Speed Uses 50 threats to speed up scanning.

gobuster dir -u http://target.com -w usr/share/wordlists/example.txt -o results.txt

Save Output Saves results to a file (results.txt).