| Flag | Description | Example | |------|-------------|---------| | -w | Path to wordlist | -w /usr/share/wordlists/seclists/Discovery/Web-Content/common.txt | | -w | Use stdin | cat mywords.txt \| gobuster dir -u https://target.com -w - |
💡 : Use wordlists from repositories like SecLists for the most effective enumeration results. If you'd like, I can help you: Draft a cheat sheet for your specific workflow Troubleshoot a "command not found" error Compare Gobuster with tools like FFUF or Feroxbuster gobuster commands upd
gobuster dir -u http://example.com -w /usr/share/wordlists/dirbuster/directory-list-2.3-small.txt | | DNS | gobuster dns -d domain
Identifies different websites (virtual hosts) hosted on the same IP address. txt | Find folders/files.
Gobuster operates in specific "modes" depending on your target: HackerTarget.com Утилиты red team: Gobuster - Positive Research
| Mode | Command | Use Case | | :--- | :--- | :--- | | | gobuster dir -u URL -w list.txt -x php,txt | Find folders/files. | | DNS | gobuster dns -d domain.com -w list.txt | Find subdomains. | | VHost | gobuster vhost -u URL -w list.txt --append-domain | Find virtual hosts (internal sites). | | Fuzz | gobuster fuzz -u URL/FUZZ -w list.txt | Custom brute forcing. |