Gobuster is a tool used to brute-force URIs (directories and files), DNS subdomains, virtual host names, and open amazon S3 buckets.

There are three modes:

• dir
• vhost
• dns

Dir

dir mode arguments:

• -u: What url to enumerate
• -w: Wordlist to append to the url
• A good word list to use on Kali is: /usr/share/wordlists/dirb/big.txt
• -x: Extensions to append to each word in the wordlist

Example:

$ gobuster dir -u http://example.com -w wordlist.txt -x php,txt,html