Gobuster is a program meant for enumerating available/visible directories on a target
Usage:
gobuster dir --url http://192.168.0.1 --wordlist /usr/share/wordlists/dirb/common.txt--url: Target URL
--wordlist: Wordlist to use
The "dir" keyword here tells gobuster to look for directories, this can be changed to other keywords, like "dns" to find dns subdomains for example
Gobuster is not on the machines for the EJPT
Dirb is a scanner designed for specifically http-based webservers, it is used to find directories and files
Usage:
dirb http://192.168.0.1 /usr/share/wordlists/dirb/common.txtdirb automatically goes into subdirectories (recursive)
Sidenote: dirb will typically yield more results than gobuster, just due to the default configuration of dirb
Wordlists:
Similar to dirb and gobuster, dirbuster is intended to brute force directories and files on servers, unlike gobuster and dirb, it has a GUI as its primary form of usage
Usage:
dirbuster -u http://example.comDon't bother with dirbuster, you can use the dictionaries from it, but it's pretty much the same as dirb unless you want to use the GUI
Find is a bsaic unix command designed to find a file when given a directory and a pattern to search, this can be used to search for desired files
Usage:
find / -name "filename.ext"Searches for "filename.ext" in / (root directory) and all subdirectories
Windows equivalent: where /r c:\ file.txt
find / -name "*.ext"Searches for all files with the extension ".ext" in / (root directory) and all subdirectories
* is the wildcard operator, essentially meaning any length of normal characters
find / -not -type l -perm -o+wfind file in root directory and all subdirectories (find /) that are not a symbolic link (-not type -l) and that are not writable by others (everyone) (-perm -o+w)