Dirbuster: Full command tutorial for beginners | Updated 2024

Introduction

In this post, you will learn the DirBuster commands and how the tool works, and I will also explain the difference between the dirb and DirBuster tools. This post is also available in video format.

What is DirBuster?

DirBuster is an application included in Kali Linux that is designed to brute force web and application servers. The tool can brute force directories and files and even finds directories, and that is why it is called DirBuster.

Downloading dirbuster

Firstly, the DirBuster tool was created by OWASP, an open-source organisation that creates this kind of tool.

Windows

To download the DirBuster tool on Windows: [Download]

Linux system

apt-get install dirbuster

If you are a Linux user, the tool should already be installed; go and search for it.

Features in dirbuster

  1. GET Request Method
  2. Pure Brute Force
  3. Single Sweep
  4. Targeted Start
  5. Blank Extensions
  6. Search by File Type (.txt)
  7. Changing the DIR List
  8. Following Redirects
  9. Attack Through Proxy
  10. Adding File Extensions
  11. Evading Detective Measures

How to use dirbuster tool

Follow the examples below, and I am sure that by the end of this post you will be very familiar with the tool.

Example 1, Default scan

Take a look at the image below to see how to do a default scan.

  1. Enter the target URL.
  2. Set the scan speed (faster or slower). You can drag the arrow to set the speed.
  3. Enter the directory where you can find the set of username and password lists to brute force with. You can find the directory here: /usr/share/wordlists/dirbuster
  4. Now you are ready to do a scan on the target.
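
From the server's side, a list-based scan like the one above shows up as one client collecting a burst of 404 responses for many different paths. The following Python example, added here and not part of the original post, flags that pattern in an access log. The common/combined log format, the threshold, the window, the function names and the sample log lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Access-log line in common/combined format (assumed log format).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_enumeration(lines, threshold=20, window=timedelta(seconds=10)):
    """Return {ip: peak number of distinct 404 paths seen inside `window`}
    for clients whose peak reaches `threshold`. Lines must be in time order.
    threshold and window are assumed starting values; tune them per site."""
    recent = defaultdict(deque)  # ip -> (timestamp, path) of recent 404s
    peaks = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["status"] != "404":
            continue  # ignore unparseable lines and non-404 responses
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append((ts, m["path"]))
        while ts - q[0][0] > window:  # expire entries older than the window
            q.popleft()
        distinct = len({path for _, path in q})
        if distinct >= threshold:
            peaks[m["ip"]] = max(peaks.get(m["ip"], 0), distinct)
    return peaks

def sample_log():
    """Constructed sample data: one client guessing 30 paths in 10 seconds
    (documentation address 203.0.113.7) and one ordinary visitor."""
    fmt = '{ip} - - [10/Oct/2024:13:55:{s:02d} +0000] "GET {p} HTTP/1.1" {c} 196 "-" "-"'
    lines = [fmt.format(ip="198.51.100.20", s=0, p="/", c=200)]
    for i in range(30):
        code = 200 if i == 5 else 404  # one guess happens to exist
        lines.append(fmt.format(ip="203.0.113.7", s=i // 3, p=f"/guess{i}/", c=code))
    lines.append(fmt.format(ip="198.51.100.20", s=12, p="/favicon.ico", c=404))
    lines.append(fmt.format(ip="198.51.100.20", s=15, p="/about", c=200))
    return lines

if __name__ == "__main__":
    for ip, peak in find_enumeration(sample_log()).items():
        print(f"{ip}: {peak} distinct missing paths within 10s")
```

A scan run at a slower speed setting spreads the same 404s over more time, so when tuning, pair the short window with a longer one (for example, a per-hour count).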

Example 2, Get request only

See the image below for how to enable GET requests only.

Example 3, Pure brute forcing

  1. Enter the target.
  2. Select the scanning type. As we are doing pure brute forcing, we go with that option.
  3. Select the char types; it's better to go with full chars.
  4. Start.

Example 4, URL fuzz

To do a URL fuzz, select the URL fuzz option in the options. God damn confusing words.

Enter the URL of the target to be fuzzed.

  1. Enter the URL.
  2. /usr/share/wordlists/dirbuster/file
  3. Select URL fuzz, since we are doing a URL fuzz.
  4. Enter the target URL to be fuzzed.
  5. Start DirBuster against the target URL.

Example 5, Creating a new project

To create a new project, click the File menu, select the New option and go on…

Conclusion

Finally, my thoughts on DirBuster: it is simply awesome, and I really loved it compared to dirb. The tool has a GUI, and that is why I liked it. I have taught you how I use the tool, and you can explore more by sitting with the tool for 1 hour.
