Gobuster

Gobuster is a tool to brute-force URIs, DNS subdomains, and virtual hostnames, aiding in web application reconnaissance.

image of Gobuster

Introduction

Gobuster

Gobuster is a tool used to brute-force:

URIs (directories and files) in web sites.
DNS subdomains (with wildcard support).
Virtual Host names on target web servers.
Open Amazon S3 buckets
Open Google Cloud buckets
TFTP servers

Key Features:

Multiple Modes: Supports directory brute-forcing, DNS subdomain enumeration, S3 bucket enumeration, vhost enumeration, fuzzing, and TFTP file bruteforcing.
Customizable: Allows for custom HTTP headers, TLS client certificates, and loading extensions from files.
Pattern Support: Enables the use of pattern files for applying transformations to wordlist entries.
Proxy Support: Supports the use of proxies for requests.
Wordlist Input: Accepts wordlists via STDIN.

Use Cases:

Discovering hidden directories and files on web servers.
Identifying subdomains for a given domain.
Enumerating virtual hosts on a target web server.
Finding open S3 buckets.
Fuzzing web applications for vulnerabilities.

Information

Publisher
Admin
Websitegithub.com
Published date2025/03/31

Categories

Tags

More Products

image of Pupy

Exploit DevelopmentRed Team OperationsInfrastructure Security

Pupy

Pupy is a cross-platform post-exploitation framework and RAT, enabling in-memory execution and low-footprint operations across multiple OS.

image of GreyNoise

ReconnaissanceVulnerability Intelligence

GreyNoise

GreyNoise Visualizer helps security professionals investigate internet noise and uncover real-time vulnerability exploitation trends.

OSINT Vulnerability Intelligence

image of Ligolo-ng

Red Team OperationsInfrastructure Security

Ligolo-ng

Ligolo-ng: Advanced tunneling tool using TUN interfaces for pentesters, enabling network access without SOCKS proxies.