Gobuster
syntax:
gobuster dir -u http://<ip> -w <path to wordlist>
Best wordlist: /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
Dirbuster
GUI interface
DirB
simple quick scan (dirb uses default wordlist)
dirb http://<ip>
use your different wordlist
dirb http://<ip> /wordlist path
Ffuf
-w = wordlist
-u = url
-e = extentions search
-mc = specify status code
-d = specify data to be sent with post request
Syntax:
ffuf -w <wordlist path> -u <url>
ffuf -w <wordlist path> -u <url> -e .html .php
For VHost discovery:
fuff -w <path to sub-domains list> -u <url> -H "Host:FUZZ.site.com
Dirsearch
options:
-w = wordlist path
-u = url
-e = extensions
-r = recursive search
--recursion-depth <num>
syntax:
python3 dirsearch.py -u <url> -e <entensions> -w <wordlist path>