Directory Busting with GoBuster

Intro

The point of directory busting is finding directories you don’t know exist.

How to do that?

Simply by using the gobuster tool along with wordlists that are preinstalled in ParrotOS or Kali Linux. These wordlists contain cracked credentials (usernames and passwords). 

Tip: start with a small list and then move to bigger wordlists.

In ParrotOS, the wordlists directory is:

• /usr/share/wordlists

The most popular wordlists are SecLists, dirbuster, and rockyou.txt 

Take a look at the wordlists in the dirbuster directory:

As you can see, there are a lot of wordlists in this directory. One of the most popular wordlists in this directory is: directory-list-2.3-medium.txt

GitHub repo: https://github.com/OJ/gobuster

Strategy

To achieve a goal, you need a strategy.

• Verify your target’s tech stack and dirbust the target with small wordlists that are specific to the tech stack that the web app runs on
• For instance, a WordPress website is built with PHP. Check for WordPress wordlists and use them to dirbust your target

Demo

First, dirbust the target with a small wordlist

Next, dirbust it with a bigger wordlist

• gobuster dir -u URL -w /usr/share/wordlists/dirbuster/
• gobuster dir -u URL -w /usr/share/wordlists/SecLists/Discovery/Web-Content/big.txt

Another example:

• gobuster vhost -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt -u futurevera.thm -t 50 -- append-domain

If you find subdomains, add them to the /etc/hosts file to resolve the domain name. Otherwise, you cannot access the subdomain in the browser

Tips

Whenever you try to test out a tool, just type out the name of the tool in the command to check for the available commands and so on:

Another tip is to use the help command to get more info about other commands:

That's a wrap!