LabEx
Log InJoin Free

Explore the Gobuster Help Menu and Modes

Beginner
Practice Now

Introduction

Gobuster is a powerful command-line tool used for brute-forcing URIs (directories and files), DNS subdomains, and virtual hostnames. It's a popular tool among penetration testers and security enthusiasts for discovering hidden web content and network assets. Understanding its help menu is crucial for effectively utilizing its features.

In this lab, you will learn how to explore the Gobuster help menu to understand its global flags and various operational modes. You will specifically look into the dir (directory), dns (DNS subdomain), and vhost (virtual host) modes, which are commonly used for different types of enumeration tasks. By the end of this lab, you will be familiar with how to access help for Gobuster and its specific modes, enabling you to use the tool more efficiently in real-world scenarios.

Run gobuster with the --help Flag

In this step, you will run the gobuster command with the --help flag to display its main help menu. This will provide an overview of the tool's basic usage, available commands, and global options.

Open your terminal in the ~/project directory. Execute the following command:

gobuster --help

You should see output similar to this, showing the general usage and available commands:

Usage:
  gobuster [command]

Available Commands:
  dir         Uses directory/file enumeration mode
  dns         Uses DNS subdomain enumeration mode
  fuzz        Uses fuzzing mode
  help        Help about any command
  s3          Uses AWS S3 bucket enumeration mode
  vhost       Uses VHOST enumeration mode
  version     Shows the current version

Flags:
  -h, --help          help for gobuster
  -z, --no-color      Disable color output
  -q, --quiet         Don't print banner and other noise
  -v, --verbose       Verbose output (errors)

Use "gobuster [command] --help" for more information about a command.

This output provides a quick reference for how to use gobuster and lists its main modes.

Identify the Global Flags

In this step, you will identify the global flags that can be used with any gobuster command. These flags are listed at the bottom of the main help output.

Review the output from the previous step. Look for the section titled Flags:. These flags are global, meaning they can be applied to gobuster itself or any of its subcommands (like dir, dns, etc.).

The global flags you should identify are:

  • -h, --help: Displays help for the command.
  • -z, --no-color: Disables color output.
  • -q, --quiet: Suppresses banner and other non-essential output.
  • -v, --verbose: Enables verbose output, typically showing errors.

Understanding these global flags allows you to control the output and behavior of gobuster regardless of the specific mode you are using.

List the Available Modes (dir, dns, vhost, etc.)

In this step, you will list the various operational modes available in Gobuster. These modes dictate the type of enumeration gobuster will perform.

From the output of gobuster --help, locate the section titled Available Commands:. This section lists all the different modes or commands that gobuster supports.

You should be able to identify modes such as:

  • dir: For directory and file enumeration.
  • dns: For DNS subdomain enumeration.
  • fuzz: For fuzzing.
  • s3: For AWS S3 bucket enumeration.
  • vhost: For virtual host enumeration.

Each of these modes has its own specific set of options and usage. Knowing these modes is the first step to choosing the right tool for your enumeration task.

View Help for a Specific Mode (dir)

In this step, you will learn how to get detailed help for a specific gobuster mode, using the dir mode as an example. The dir mode is used for brute-forcing directories and files on web servers.

To view the help menu for the dir mode, execute the following command in your terminal:

gobuster dir --help

You will see a more detailed output specific to the dir mode, including its unique flags and usage examples. The output will be similar to this:

Usage:
  gobuster dir [flags]

Flags:
  -u, --url string         The target URL (e.g. http://example.com)
  -w, --wordlist string    Path to the wordlist
  -a, --useragent string   Set the User-Agent string (default "gobuster/3.X.X")
  -c, --cookies string     Cookies to use for the request
  -e, --expanded           Show expanded URL
  -f, --follow-redirect    Follow redirects
  -H, --headers stringArray  Add custom header(s)
  -k, --no-tls-validation  Skip TLS certificate verification
  -l, --no-length          Don't print the length of the body
  -m, --method string      HTTP method to use (default "GET")
  -n, --no-status          Don't print status codes
  -p, --proxy string       Proxy to use for requests [scheme://host:port]
  -r, --random-useragent   Use a random User-Agent string
  -s, --status-codes string  Status codes to include (e.g. "200,204,301") (default "200,204,301,302,307,401,403,500")
  -t, --threads int        Number of concurrent threads (default 10)
  -v, --verbose            Verbose output (errors)
  -x, --extensions string  File extensions to search for (e.g. "php,html")
  -z, --no-color           Disable color output
      --exclude-length string  Exclude responses by content length (e.g. "123,456")
      --exclude-wildcard string  Exclude responses by wildcard (e.g. "200,404")
      --timeout duration   HTTP timeout (default 10s)

Global Flags:
  -h, --help          help for gobuster
  -q, --quiet         Don't print banner and other noise

This detailed help is essential for understanding all the options available for a specific enumeration task.

View Help for Another Specific Mode (dns)

In this step, you will view the help menu for another specific gobuster mode: dns. The dns mode is used for brute-forcing DNS subdomains.

To view the help menu for the dns mode, execute the following command in your terminal:

gobuster dns --help

You will see a detailed output specific to the dns mode, including its unique flags and usage examples. The output will be similar to this:

Usage:
  gobuster dns [flags]

Flags:
  -d, --domain string      The target domain (e.g. example.com)
  -w, --wordlist string    Path to the wordlist
  -r, --resolver string    Use custom DNS server (e.g. 1.1.1.1)
  -t, --threads int        Number of concurrent threads (default 10)
  -z, --no-color           Disable color output
      --no-wildcard        Don't print wildcard entries
      --wildcard-ips string  IPs to exclude from wildcard entries (e.g. "192.168.1.1,192.168.1.2")

Global Flags:
  -h, --help          help for gobuster
  -q, --quiet         Don't print banner and other noise
  -v, --verbose       Verbose output (errors)

By exploring the help menus for different modes, you can quickly understand their specific functionalities and options, which is crucial for effective use of gobuster in various enumeration scenarios. This approach applies to all other gobuster modes as well.

Summary

In this lab, you have successfully explored the gobuster command-line tool's help menu and its various operational modes. You started by viewing the main help menu to understand its general usage and identify global flags. Then, you delved into specific modes like dir and dns, learning how to access their detailed help options.

You now understand:

  • How to use gobuster --help to get an overview of the tool.
  • How to identify global flags that apply across all gobuster commands.
  • The different enumeration modes available, such as dir, dns, and vhost.
  • How to get specific help for any gobuster mode using gobuster [mode] --help.

This foundational knowledge is crucial for effectively using gobuster in your cybersecurity tasks, allowing you to choose the right mode and options for your specific enumeration needs.