
# Find Hidden Directories with Gobuster — Web Recon on Kali Linux

This post walks the workflow end to end — the basic scan, hunting files by extension, and how `ffuf` does the same job a little faster — with real output.


> Prefer video? I walk through the whole thing on [my YouTube channel](https://www.youtube.com/@guskhawaja) — same commands, ~3 minutes.



> ⚠️ Run this on a lab box, not a live domain. Directory busting fires thousands of requests per minute. That's noisy *active* scanning, not passive recon. Everything below runs against a local [DVWA](https://github.com/digininja/DVWA) container I own. Most bug bounty programs authorize passive recon but draw the line at high-volume brute force — only ever point these tools at a target you own or have explicit written permission to test.


## How Directory Busting Works

A directory buster takes a wordlist — a big list of common folder and file names — and asks the web server about every single one. You're not guessing blindly; you're checking a curated list of names that show up on real sites (`admin`, `config`, `backup`, `login`, `uploads`, `.git`, and thousands more). The server's HTTP **status code** for each request tells you whether the path is real.


That's the whole trick. Reading the status codes is the skill:

| Code | Meaning | What it tells you |
|---|---|---|
| `200` | OK | The page exists and loaded. Go look at it. |
| `301` / `302` | Redirect | Almost always a real directory (the server redirects `/config` → `/config/`). |
| `403` | Forbidden | The path **exists**, you're just not allowed in. Ironically, a confirmation. |
| `404` | Not Found | Nothing there. gobuster hides these by default so you only see hits. |
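The status-code table above is the scanner's view; the warning at the top of the post is the server's view, where the same scan shows up as a burst of 404s from one client. The script below, an added example that is not part of the original post, shows both sides at once: it parses constructed Apache/nginx combined-format log lines, reads the hits with the meanings from the table, and flags a client whose traffic is mostly 404s inside a short window. The log lines, client addresses, User-Agent strings and thresholds are all made up for the example.

```python
"""Read directory-busting hits the way the status-code table describes, and spot
the scan from the server side. Added example; not part of the original post."""
import re
from collections import defaultdict
from datetime import datetime

# Apache/nginx combined log format. The group names are my own.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# What a non-404 answer means to whoever reads the scanner output (mirrors the table).
HIT_MEANING = {
    200: "exists and loaded",
    301: "redirect, almost always a real directory",
    302: "redirect, almost always a real directory",
    403: "exists, but access is forbidden",
}


def _line(ip, ts, path, status, ua):
    return f'{ip} - - [{ts}] "GET {path} HTTP/1.1" {status} 0 "-" "{ua}"'


# Constructed traffic: three ordinary browser requests, then 25 wordlist guesses in
# two seconds from a second client. Only three of the guesses exist on the server.
_WORDS = ["admin", "backup", "cgi-bin", "config", "css", "db", "dev", "images",
          "include", "js", "login.php", "logs", "old", "private", "secret",
          "test", "tmp", "upload", "uploads", "vendor", ".git", ".env", "api",
          "console", "setup"]
_FOUND = {"admin": 301, "config": 403, "login.php": 200}
SAMPLE_LOG = "\n".join(
    [_line("192.0.2.10", "10/Oct/2023:13:55:01 +0000", "/", 200, "Mozilla/5.0"),
     _line("192.0.2.10", "10/Oct/2023:13:55:04 +0000", "/login.php", 200, "Mozilla/5.0"),
     _line("192.0.2.10", "10/Oct/2023:13:55:09 +0000", "/index.php", 200, "Mozilla/5.0")]
    + [_line("198.51.100.7", f"10/Oct/2023:13:56:0{i // 13} +0000", "/" + w,
             _FOUND.get(w, 404), "gobuster/3.6")
       for i, w in enumerate(_WORDS)]
)


def parse_log(text):
    """Parse combined-format lines into dicts; lines that do not match are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LOG_RE.match(raw)
        if not m:
            continue
        e = m.groupdict()
        e["status"] = int(e["status"])
        e["when"] = datetime.strptime(e["ts"], "%d/%b/%Y:%H:%M:%S %z")
        entries.append(e)
    return entries


def profile_clients(entries):
    """Per-client counters: request volume, 404 share, time span, and the hits."""
    by_ip = defaultdict(list)
    for e in entries:
        by_ip[e["ip"]].append(e)
    profiles = {}
    for ip, reqs in by_ip.items():
        times = [r["when"] for r in reqs]
        not_found = sum(1 for r in reqs if r["status"] == 404)
        profiles[ip] = {
            "requests": len(reqs),
            "not_found_ratio": not_found / len(reqs),
            "span_seconds": (max(times) - min(times)).total_seconds(),
            "hits": {r["path"]: HIT_MEANING[r["status"]]
                     for r in reqs if r["status"] in HIT_MEANING},
        }
    return profiles


def flag_busting(profiles, min_requests=20, min_404_ratio=0.5, max_span_seconds=60):
    """Flag clients whose traffic looks like wordlist enumeration: many requests,
    mostly 404s, inside a short window. The thresholds are illustrative."""
    return sorted(ip for ip, p in profiles.items()
                  if p["requests"] >= min_requests
                  and p["not_found_ratio"] >= min_404_ratio
                  and p["span_seconds"] <= max_span_seconds)


if __name__ == "__main__":
    profiles = profile_clients(parse_log(SAMPLE_LOG))
    for ip in flag_busting(profiles):
        p = profiles[ip]
        print(f"{ip}: {p['requests']} requests, {p['not_found_ratio']:.0%} 404s "
              f"in {p['span_seconds']:.0f}s")
        for path, meaning in p["hits"].items():
            print(f"  {path}: {meaning}")
```

The 404 share is the signal worth keeping: a real visitor almost never produces twenty consecutive 404s, while a wordlist scan produces little else, which is exactly why gobuster hides them. The User-Agent is deliberately not part of the rule, since both gobuster and ffuf let the operator change it.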


## What You'll Need

A Kali Linux box (or any Debian/Ubuntu derivative). `gobuster`, `ffuf`, and `dirb` are all in the repos:

```bash
sudo apt install gobuster ffuf dirb
```


For a safe practice target, spin up DVWA in Docker:

```bash
sudo docker run -d -p 8080:80 vulnerables/web-dvwa
```


That gives you a deliberately vulnerable web app on `http://127.0.0.1:8080` to point everything at.


## Step 1 — The Basic Gobuster Scan

`gobuster` runs in modes; for content discovery you want `dir` mode. A tip that keeps your commands short: stash the wordlist path in a variable so you're not retyping it.


```bash
export WL=/usr/share/wordlists/dirb/common.txt
gobuster dir -u http://127.0.0.1:8080 -w "$WL" -t 30
```


- `dir` — directory/file enumeration mode.

- `-u` — the target URL (include the scheme, `http://` or `https://`).

- `-w` — the wordlist. `dirb/common.txt` (~4,600 entries) is the classic starting point.

- `-t 30` — run 30 requests concurrently so it finishes quickly.


## Step 2 — Hunt Files by Extension with `-x`

Folders are only half the story. The real loot is usually in files — `.php` scripts, `.txt` notes, `.bak` backups. By default gobuster only tries the bare words in the list. Tell it which extensions to append with `-x`:

```bash
gobuster dir -u http://127.0.0.1:8080 -w "$WL" -x php,txt -t 30
```


## Step 3 — Meet the Family: `ffuf`

`gobuster` isn't the only tool that does this. `ffuf` ("Fuzz Faster U Fool") does the same job and is a touch faster. The difference is the syntax: instead of a `-u`/`dir` mode, you put the literal word `FUZZ` in the URL wherever the guess should go.

```bash
ffuf -u http://127.0.0.1:8080/FUZZ -w "$WL" -mc 200,301,302,403
```


- `FUZZ` — the placeholder; ffuf swaps in each wordlist entry here.

- `-w` — the same wordlist.

- `-mc` — "match codes," filter the output to the status codes you care about.


## Summary

| Tool | Notes |
|---|---|
| `gobuster` | Simple, fast, great default. The one most tutorials use. |
| `ffuf` | Fastest, and `FUZZ` can go *anywhere* — paths, parameters, headers, vhosts. |
| `feroxbuster` | Recursive by default — automatically digs into directories it finds. |
| `dirb` | The old reliable. Slower, but it's everywhere and needs zero flags. |

