husayn gokal
Geneva


Gobuster

Tool
Date
2026-05-17

Gobuster is a versatile tool for DNS, vhost, and directory brute-forcing. It also has additional functionality, such as enumeration of public AWS S3 buckets.

Directory/file brute-forcing can be done with the “dir” mode:

gobuster dir -u URL -w WORDLIST
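From the defender's side, a "dir" scan shows up in the web server's access log as a burst of requests for many distinct paths, most of them answered with 404. The following is an added example, not part of the original writeup: a small detector for that pattern over combined-format log lines. The function names, the thresholds (10-second window, 8 paths, 80% 404s) and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE_RE = re.compile(  # combined log format
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')

def parse(line):
    """Return (ip, time, path, status, user_agent), or None if the line does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["path"], int(m["status"]), m["ua"]

def detect_dir_bruteforce(lines, window=timedelta(seconds=10), min_paths=8, min_404_ratio=0.8):
    """Map client IP -> reason, for clients whose requests look like wordlist path guessing."""
    by_ip = defaultdict(list)
    for rec in filter(None, map(parse, lines)):
        by_ip[rec[0]].append(rec[1:])
    flagged = {}
    for ip, recs in by_ip.items():
        recs.sort(key=lambda r: r[0])
        # Check 1: Gobuster's default User-Agent is "gobuster/<version>".
        if any(ua.lower().startswith("gobuster/") for *_, ua in recs):
            flagged[ip] = "default gobuster User-Agent"
            continue
        # Check 2: many distinct paths, mostly 404, inside one sliding time window.
        start = 0
        for end in range(len(recs)):
            while recs[end][0] - recs[start][0] > window:
                start += 1
            win = recs[start:end + 1]
            paths = {p for _, p, _, _ in win}
            misses = sum(1 for _, _, status, _ in win if status == 404)
            if len(paths) >= min_paths and misses / len(win) >= min_404_ratio:
                flagged[ip] = f"{len(paths)} distinct paths, {misses} 404s within {window.seconds}s"
                break
    return flagged

# Constructed sample traffic (documentation IP ranges), not real logs.
WORDS = ["admin", "backup", "config", "login", "uploads", "wordpress", "test", "old", "dev", "api"]
def make_line(ip, sec, path, status, ua):
    return f'{ip} - - [17/May/2026:10:00:{sec:02d} +0000] "GET {path} HTTP/1.1" {status} 153 "-" "{ua}"'
SAMPLE = ([make_line("203.0.113.7", i, f"/{w}", 404, "gobuster/3.6") for i, w in enumerate(WORDS)]
    + [make_line("203.0.113.9", i, f"/{w}", 200 if w == "wordpress" else 404, "Mozilla/5.0") for i, w in enumerate(WORDS)]
    + [make_line("198.51.100.4", i * 5, p, 200, "Mozilla/5.0") for i, p in enumerate(["/", "/about", "/contact"])])
if __name__ == "__main__":
    print(detect_dir_bruteforce(SAMPLE))
```

The second check does not depend on the User-Agent header, so it still flags the burst from 203.0.113.9, which presents a browser User-Agent.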

WordPress is the most commonly used CMS (Content Management System) and has a huge attack surface.

A WordPress instance still in setup mode (at the “URL/wordpress” path) allows RCE (Remote Code Execution) on the server.

DNS subdomain enumeration is the process of finding essential resources hosted on subdomains, which may contain additional functionality that can be exploited. Gobuster's “dns” mode can help with this.

When doing DNS subdomain enumeration, it is a good idea to add or switch over to the 1.1.1.1 DNS server. This is why: [image: image 9.png]