# [`gobuster`](https://github.com/OJ/gobuster) ![[Preignition Write-up#^cwc7uq]] ![[Preignition Write-up#^jj9dst]] ## Installation ```sh sudo apt install gobuster ``` `gobuster` requires `golang-go` so you may have to install that as well ```sh sudo apt install golang-go ``` ## CLI ### Dir Busting To use `gobuster` for directory busting you need to specify the wordlist (see [[#Lists]] below) and the IP address/hostname of the site to test. - `-w` is shortform of `--wordlist` - `-u` is a shortform of `--url` - `-o` is a shortform for `--output`. Output takes a file and redirects output to it. It's poorly formatted tho. ```sh sudo gobuster dir --url <URL> --wordlist <WordList path> --output <output file> ``` e.g.: ```sh gobuster dir --url http://10.129.95.184/ --wordlist /usr/share/wordlists/dirb/big.txt ``` To filter output to specific extensions only use `-x`, e.g. `-x php,html`. ![[Crocodile Write-up#^dovfqx]] ### Subdomain Enumeration Verifies existence of subdomains using a list of common subdomains passed in word list. ```sh gobuster vhost -w <word list> -u <base domain> --append-domain ``` `--apend-domain` appends the domain specified in `-u`. e.g. ```sh gobuster vhost -w /usr/share/wordlists/subdomains-top1million-110000.txt -u base.htb --append-domain -o vhosts.txt ``` ## Lists ![[Cyber Security Tools#^1p1bli]] ![[Preignition Write-up#^1e31is]] For example: - `/usr/share/wordlists/dirb/big.txt` for directory busting (Kali) - `/opt/useful/SecLists/Discovery/DNS/subdomains-top1million-5000.txt` for subdomain enumeration (Parrot) - `/usr/share/wordlists/subdomains-top1million-110000.txt` (Kali) - `/opt/useful/seclists/Discovery/Web-Content/common.txt` (Parrot) ## Hack The Box Machines - [[Preignition Write-up|Preignition]] - [[Crocodile Write-up|Crocodile]] - [[Three Write-Up|Three]] - [[Appointment Write-up|Appointment]] - [[Oopsie Write-Up|Oopsie]]