dirbuster
Java-based web content discovery tool
TLDR
Start in GUI mode
$ dirbuster -u [http://example.com]
Start in headless modecopy
$ dirbuster -H -u [http://example.com]
Set file extensions to scancopy
$ dirbuster -e [txt,html]
Enable verbose outputcopy
$ dirbuster -v
Set report locationcopy
$ dirbuster -r [path/to/report.txt]
copy
SYNOPSIS
dirbuster [options]
DESCRIPTION
dirbuster brute-forces directories and filenames on web servers. It uses wordlists to discover hidden web content and has both graphical and headless modes.Commonly used in penetration testing to find administrative interfaces, backup files, and other hidden resources.
PARAMETERS
-u url
Target URL-H
Headless mode (no GUI)-e extensions
File extensions to scan-v
Verbose output-r file
Report output location-l wordlist
Wordlist file path-t threads
Number of threads
CAVEATS
Use only against authorized targets. Java-based, requires Java runtime. Consider dirb or gobuster for faster scanning. Part of Kali Linux security tools.