Install SecLists:
sudo apt install seclists | Problem | Solution | |---------|----------| | Too many false positives | Use -b 403,404,500 to exclude common errors | | Slow scan | Increase threads with -t 100 | | TLS errors | Use -k to skip cert verification | | No results | Try a larger wordlist or different extensions | Quick Cheat Sheet # Directory brute-force gobuster dir -u http://site.com -w wordlist.txt With extensions gobuster dir -u http://site.com -w wordlist.txt -x php,html DNS subdomain gobuster dns -d site.com -w subdomains.txt VHost gobuster vhost -u http://site.com -w vhosts.txt S3 buckets gobuster s3 -w buckets.txt -b company gobuster example
Found: mail.google.com [142.250.185.5] Found: drive.google.com [142.250.185.14] Useful when multiple sites share the same IP. Install SecLists: sudo apt install seclists | Problem
Install SecLists:
sudo apt install seclists | Problem | Solution | |---------|----------| | Too many false positives | Use -b 403,404,500 to exclude common errors | | Slow scan | Increase threads with -t 100 | | TLS errors | Use -k to skip cert verification | | No results | Try a larger wordlist or different extensions | Quick Cheat Sheet # Directory brute-force gobuster dir -u http://site.com -w wordlist.txt With extensions gobuster dir -u http://site.com -w wordlist.txt -x php,html DNS subdomain gobuster dns -d site.com -w subdomains.txt VHost gobuster vhost -u http://site.com -w vhosts.txt S3 buckets gobuster s3 -w buckets.txt -b company
Found: mail.google.com [142.250.185.5] Found: drive.google.com [142.250.185.14] Useful when multiple sites share the same IP.