tldr/pages/common/gobuster.md

29 lines
792 B
Markdown

# gobuster
> Brute-forces hidden paths on web servers and more.
> More information: <https://github.com/OJ/gobuster>.
- Discover directories and files that match in the wordlist:
`gobuster dir --url {{https://example.com/}} --wordlist {{path/to/file}}`
- Discover subdomains:
`gobuster dns --domain {{example.com}} --wordlist {{path/to/file}}`
- Discover Amazon S3 buckets:
`gobuster s3 --wordlist {{path/to/file}}`
- Discover other virtual hosts on the server:
`gobuster vhost --url {{https://example.com/}} --wordlist {{path/to/file}}`
- Fuzz the value of a parameter:
`gobuster fuzz --url {{https://example.com/?parameter=FUZZ}} --wordlist {{path/to/file}}`
- Fuzz the name of a parameter:
`gobuster fuzz --url {{https://example.com/?FUZZ=value}} --wordlist {{path/to/file}}`