Gobuster
## Introduction
Gobuster is a fast and efficient tool used for brute-forcing URIs, including directories and files, as well as DNS subdomains. It is a command-line tool that can discover hidden URLs, files, and directories within websites. Gobuster can run in multiple scanning modes, including dir, dns, and vhost. In this article, we will explain how to install Gobuster and provide a detailed explanation of each command used with an example.
## How to Install Gobuster
Before installing Gobuster, we need to install the Go environment on our machine. Here are the steps to install Gobuster on Kali Linux:
1. Download the Go installer file from the official site.
2. Navigate to the directory where the file is stored and run the following command:
```
rm -rf /usr/local/go && tar -C /usr/local -xzf go1.16.7.linux-amd64.tar.gz
```3. Add /usr/local/bin/go to your PATH environment variable:
```
export PATH=$PATH:/usr/local/go/bin
```4. Check if the Go environment was properly installed with the following command:
```
go version
```5. Finally, install Gobuster by running the following command:
```
go install github.com/OJ/gobuster/v3@latest
```## Commands Used with Examples
Here are the commands used with examples for the dir mode:
- **Syntax**: gobuster dir -u [target URL] -w [wordlist] [options]
- **-u**: specifies the target URL to scan
- **-w**: specifies the wordlist to use for the scan
- **-o**: specifies the output file to write results to (defaults to stdout)
- **-q**: specifies to not print the banner and other noise
- **-t**: specifies the number of concurrent threads (default 10)
Example: `gobuster dir -u http://example.com -w /usr/share/wordlists/dirb/common.txt -o output.txt -q -t 20`
This command will scan the target URL "http://example.com" using the wordlist "/usr/share/wordlists/dirb/common.txt". The results will be written to the file "output.txt" and the banner and other noise will not be printed. The scan will use 20 concurrent threads.
It is important to note that Gobuster needs wordlists to function properly. Wordlists can be obtained from various sources, including SecLists.
## Conclusion
Gobuster is a powerful tool that can help discover hidden URLs, files, and directories within websites. It is a fast and efficient tool that can run in multiple scanning modes. In this article, we explained how to install Gobuster and provided a detailed explanation of each command used with an example. It is important to use Gobuster ethically and with permission from the owner before scanning, brute-forcing, or exploiting a system.
Common Usable Commands
Global flags
-h : (--help) Print the global help menu.
-z : (--noprogress) Don't display progress.
-o : (--output [filename]) Output results to a file.
-q : (--quiet) Don't print banner and other noise.
-t : (--threads [number]) Number of concurrent threads (default 10).
-v : (--verbose) Verbose output (errors).
-w : (--wordlist [wordlist]) Path to wordlist.
DIR mode flags
-h : (--help) Print the DIR mode help menu.
-f : (--addslash) Append "/" to each request.
-c : (--cookies [string]) Cookies to use for the requests.
-e : (--expanded) Expanded mode, print full URLs.
-x : (--extensions [string]) File extension(s) to search for.
-r : (--followredirect) Follow redirects.
-H : (--headers [stringArray]) Specify HTTP headers, -H 'Header1: val1' -H 'Header2: val2'.
-l : (--includelength) Include the length of the body in the output.
-k : (--insecuressl) Skip SSL certificate verification.
-n : (--nostatus) Don't print status codes.
-U : (--username [string]) Username for Basic Auth.
-P : (--password [string]) Password for Basic Auth.
-p : (--proxy [string]) Proxy to use for requests [http(s)://host:port].
-s : (--statuscodes [string])Positive status codes (will be overwritten with statuscodesblacklist if set) (default "200,204,301,302,307,401,403").
-b : (--statuscodesblacklist [string]) Negative status codes (will override statuscodes if set).
-u : (--url [string]) The target URL.
-a : (--useragent [string]) Set the User-Agent string (default "gobuster/3.0.1").
--timeout [duration] : HTTP Timeout (default 10s).
--wildcard : Force continued operation when wildcard found.
DNS mode flags
-h : (--help) Print the DNS mode help menu.
-d : (--domain [string]) The target domain.
-r : (--resolver [string]) Use custom DNS server (format server.com or server.com:port).
-c : (--showcname) Show CNAME records (cannot be used with '-i' option).
-i : (--showips) Show IP addresses.
--timeout [duration] : DNS resolver timeout (default 1s).
--wildcard : Force continued operation when wildcard found.
VHOST mode flags
-h : (--help) Print the VHOST mode help menu.
-r : (--followredirect) Follow redirects.
-H : (--headers [stringArray]) Specify HTTP headers, -H 'Header1: val1' -H 'Header2: val2'.
-c : (--cookies [string]) Cookies to use for the requests.
-k : (--insecuressl) Skip SSL certificate verification.
-U : (--username [string]) Username for Basic Auth.
-P : (--password [string]) Password for Basic Auth.
-u : (--url [string]) The target URL.
-p : (--proxy [string]) Proxy to use for requests [http(s)://host:port].
-a : (--useragent [string]) Set the User-Agent string (default "gobuster/3.0.1").
--timeout [duration] : HTTP Timeout (default 10s).
** For more information, check out the extra links and sources. **
Citations:
[1] https://sohvaxus.github.io/content/gobuster.html
[2] https://cyberexpert.tech/index.php/2021/12/02/running-gobuster-on-kali-linux/
[3] https://www.javatpoint.com/how-to-install-gobuster-tool-on-kali-linux
[4] https://youtube.com/watch?v=D96YoieXn6M
[5] https://github.com/OJ/gobuster