Information Gathering: DirBuster tool

DirBuster is a file/directory brute-forcer. It’s written in Java and programmed by OWASP members. It’s a Graphical user interface application. DirBuster is able to brute-force targets at crazy speeds.

The GUI of DirBuster tool is easy to use as it gives many options for brute-forcing. It can go up to 100 threads which are so fast.

It also comes with a collection of wordlists for different uses and situations. you can make your own wordlist to brute force a specific target.

Below is an example of the files and directories that were successfully discovered by the tool.


It found out some directories and files and although there a few fake positives, not all results are incorrect. You should take care when using this tool because it generates a lot of traffic which can simply slow down small websites, so the threads must be correctly set to avoid taking down the target. DirBuster gives a lot of fake positives as well, so for every file or directory it tries to brute force, we have to manually go through and check them.

Related posts

The Dark Side of Viral Content: How Negative Reviews Can Snowball

Testing Gaming Monetization: Walking the Line Between Profit and Player Experience

Cloud Infrastructure Management: 10 Best Practices for Success