Installation: https://github.com/OJ/gobuster Usage:
gobuster dir -u http://10.10.10.10 -w wordlist -x php -o gobuster-root-php.out -t 50
-u = url -w = wordlist -x = extensions -o = output -t = threads
Installation page: https://github.com/maurosoria/dirsearch Usage:
dirsearch -u http://10.10.10.10 -w wordlist -e "html" -r -t 50 -f | tee dirsearch_result.txt # default#Other configurations#dirsearch -u http://10.10.10.10 -w wordlist -e php -r -t 50 -x 403 | tee dirsearch_result2.txt#dirsearch -u http://10.10.10.10 -e " "| tee dirsearch_result3.txt #default directories as cgi bin
With " | tee dirsearch_result.txt" we create an output to a file called dirsearch_result.txt while it's running
-u = url -w = wordlist -e = extensions. # -e " " = no extension -r = recursive -t = threads -x = ignore error code -f = force extensions # issue for files like cgi-bin
Installation page: https://github.com/xmendez/wfuzz *Requires python3 Usage:
wfuzz -u http://10.10.10.10/FUZZ -w wordlist -hc 404 -c -t 100 -v
FUZZ means the parameter or directory we want to fuzz, we can bruteforce vulns such as SQL with this -u = url -w = wordlist -hc = hide error codes -c = output with colors -t = threads (10 default) -v = verbose information -hh = hide characters (test and try with different parameters for SQLi for example; id, about etc.)