Directory Brute Forcing

gobuster

Directory :

gobuster dir -u http://example.com -w /usr/share/wordlists/dirb/common.txt -o output-file-result.txt

Wordlists :

https://www.assetnote.io/
git clone https://github.com/danielmiessler/SecLists.git
/usr/share/wordlists/dirb/common.txt
/usr/share/wordlists/dirb/big.txt
/usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
/usr/share/wordlists/dirbuster/directory-list-2.3-small.txt
/usr/share/wordlists/amass/subdomains-top1mil-5000.txt

Vhost

gobuster vhost -u http://example.com -w <wordlist> -t <threads>

gobuster vhost -w /usr/share/wordlists/amass/subdomains-top1mil-5000.txt -u stocker.htb -t 50 --append-domain

Subdomain

gobuster dns -d <target domain> -w /usr/share/wordlists/amass/subdomains-top1mil-5000.txt
gobuster dns -d <target domain> -r <DNS server IP> -w /usr/share/wordlists/amass/subdomains-top1mil-5000.txt 
gobuster dns -d <target domain> -k -w /usr/share/wordlists/amass/subdomains-top1mil-5000.txt

  • -k : enable HTTPS support

  • -r : using a specific DNS like 1.1.1.1

feroxbuster (almost same like gobuster)

  • -u target.com specifies the target domain.

  • -w subdomains.txt specifies the wordlist containing potential subdomains.

  • -D enables DNS resolution to verify the existence of subdomains.

ffuf

wfuzz

dirb

dirsearch

-t : limit how many threads

-b: delay between request

PreviousJavascript HuntingNextFile Upload Tricks

Last updated

Was this helpful?