GoBuster
GoBuster scans the most common directories which are used on a WebApp / Website. To run this scan GoBuster needs to be installed first: sudo apt-get install gobuster
Once GoBuster is installed we can run it as following:
sudo gobuster dir -u http://<ip>:<port> -w /usr/share/wordlist/dirbuster/ -x php,sh.txt,cgi,html,js,css,py
| GoBuster flag | Description |
| -e | Print the full URLs in your console |
| -u | The target URL |
| -w | Path to your wordlist |
| -U and -P | Username and Password for Basic Auth |
| -p <x> | Proxy to use for requests |
| -c <http cookies> | Specify a cookie for simulating your auth |
https://tools.kali.org/web-applications/gobuster
After the run you see something like that:
