GOBUSTER — Practical Guide

1. INTRODUCTION

Gobuster is a fast directory, file, DNS, and virtual host brute-forcing tool written in Go.

Use it to discover hidden paths, APIs, admin panels, subdomains, and exposed files.

2. DIRECTORY BRUTE FORCING (dir mode)

Basic directory brute force:

bash
gobuster dir -u http://target.com -w wordlist.txt

Use this to find hidden folders such as /admin, /uploads, /backup.

Common options:

bash
-x EXTENSIONS (Find specific file types)

Example: php,txt,html

bash
-t THREADS (Adjust speed)

Example: -t 50

bash
-s STATUS_CODES (Show only selected HTTP codes)

Example: -s 200,301,302

bash
-q (Quiet mode; show only hits)

Example full scan:

bash
gobuster dir -u http://10.10.10.5/ \

-w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt \

-x php,txt -t 50

3. FILE ENUMERATION

Useful for finding files like config.php, login.php, debug.log:

bash
gobuster dir -u http://target.com -w common.txt -x php,txt,log

4. VIRTUAL HOST ENUMERATION (vhost mode)

Enumerate hidden virtual hosts:

bash
gobuster vhost -u http://target.com -w wordlist.txt

Example:

bash
gobuster vhost -u http://10.10.10.5 -w subdomains.txt

5. SUBDOMAIN ENUMERATION (dns mode)

DNS brute forcing:

bash
gobuster dns -d example.com -w subdomains.txt

Show IPs:

bash
gobuster dns -d example.com -w subs.txt -i

6. FOLLOW REDIRECTS

Follow redirects:

bash
gobuster dir -u http://target.com -w wordlist.txt -F

7. STATUS CODE FILTERING

Show only useful responses:

bash
gobuster dir -u http://target.com -w wordlist.txt -s 200,301,302

Filter by response size:

bash
gobuster dir --exclude-length 1234

8. USER AGENT & HEADERS

Modify headers:

bash
gobuster dir -u http://target.com -w wordlist.txt -H "User-Agent: Mozilla/5.0"

Example:

bash
gobuster dir -u http://target.com -w wordlist.txt -H "User-Agent: Chrome"

9. PROXY SUPPORT

Send requests through a proxy (e.g., Burp Suite):

bash
gobuster dir -u http://target.com -w wordlist.txt --proxy http://127.0.0.1:8080

10. RECURSIVE SCANNING

Scan deeper directories automatically:

bash
gobuster dir -u http://target.com -w wordlist.txt -R

or:

bash
gobuster dir -u http://target.com -w wordlist.txt --recursive

11. PENTEST & CTF EXAMPLES

Find admin panels:

bash
gobuster dir -u http://10.10.10.5/ -w big.txt -s 200,301 -x php

Find backup files:

bash
gobuster dir -u http://site.com -w common.txt -x bak,old,zip

Find JavaScript files:

bash
gobuster dir -u http://site.com -w js_wordlist.txt -x js

Find subdomains:

bash
gobuster dns -d company.com -w subdomains.txt

Find hidden API endpoints:

bash
gobuster dir -u http://api.company.com -w api.txt
← Back to tutorial