# Gobuster

[Repo](https://github.com/OJ/gobuster.git)

### Directories
```sh
gobuster dir -u <URL> -w <wordlist>
```

### DNS 
```sh 
gobuster dns -d <domainName> -w <wordlist> --show-cname --show-ips --resolver <dns-Server>
```

### Vhosts
* Find other Domains on a host via `seclists/Discovery/DNS/subdomains-top1million-5000.txt`
```sh
gobuster vhost -u <URL> -w <wordlist> 
```


### FileExtension
```sh
-x
```
* Fuzz for files and file extensions
```sh
gobuster dir -u <URL> -w /usr/share/seclists/Discovery/raft-small-word-lowercase.txt -x .conf,.js
```

### Basic Auth 
```sh
gobuster help dir
```
* `--username` and `--password`

* `dir -s`   Accept HTTP Status 
* `dir -k`   Skip TLS Auth
* `dir -a`   User Agent

### Wordlists
```sh
/usr/share/seclists/Discovery/Web-Content/common.txt
/usr/share/seclists/Discovery/Web-Content/big.txt
/usr/share/seclists/Discovery/Web-Content/directory-list-2.3-big.txt
/usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt
/usr/share/seclists/Discovery/Web-Content/raft-medium-files.txt
```