firefart
commented
2 months ago Everything is there. You need to look at the help of the subcommand as each subcommand has other options.
gobuster dir --help
NAME:
gobuster dir - Uses directory/file enumeration mode
USAGE:
gobuster dir [command options] [arguments...]
OPTIONS:
--url value, -u value The target URL
--cookies value, -c value Cookies to use for the requests
--username value, -U value Username for Basic Auth
--password value, -P value Password for Basic Auth
--follow-redirect, -r Follow redirects (default: false)
--headers value, -H value [ --headers value, -H value ] Specify HTTP headers, -H 'Header1: val1' -H 'Header2: val2'
--no-canonicalize-headers, --nch Do not canonicalize HTTP header names. If set header names are sent as is (default: false)
--method value, -m value the password to the p12 file (default: "GET")
--useragent value, -a value Set the User-Agent string (default: "gobuster/3.7")
--random-agent, --rua Use a random User-Agent string (default: false)
--proxy value Proxy to use for requests [http(s)://host:port] or [socks5://host:port]
--timeout value, --to value HTTP Timeout (default: 10s)
--no-tls-validation, -k Skip TLS certificate verification (default: false)
--retry Should retry on request timeout (default: false)
--retry-attempts value, --ra value Times to retry on request timeout (default: 3)
--client-cert-pem value, --ccp value public key in PEM format for optional TLS client certificates]
--client-cert-pem-key value, --ccpk value private key in PEM format for optional TLS client certificates (this key needs to have no password)
--client-cert-p12 value, --ccp12 value a p12 file to use for options TLS client certificates
--client-cert-p12-password value, --ccp12p value the password to the p12 file
--wordlist value, -w value Path to the wordlist. Set to - to use STDIN.
--delay value, -d value Time each thread waits between requests (e.g. 1500ms) (default: 0s)
--threads value, -t value Number of concurrent threads (default: 10)
--wordlist-offset value, --wo value Resume from a given position in the wordlist (default: 0)
--output value, -o value Output file to write results to (defaults to stdout)
--quiet, -q Don't print the banner and other noise (default: false)
--no-progress, --np Don't display progress (default: false)
--no-error, --ne Don't display errors (default: false)
--pattern value, -p value File containing replacement patterns
--no-color, --nc Disable color output (default: false)
--debug enable debug output (default: false)
--status-codes value, -s value Positive status codes (will be overwritten with status-codes-blacklist if set). Can also handle ranges like 200,300-400,404
--status-codes-blacklist value, -b value Negative status codes (will override status-codes if set). Can also handle ranges like 200,300-400,404. (default: "404")
--extensions value, -x value File extension(s) to search for
--extensions-file value, -X value Read file extension(s) to search from the file
--expanded, -e Expanded mode, print full URLs (default: false)
--no-status, -n Don't print status codes (default: false)
--hide-length, --hl Hide the length of the body in the output (default: false)
--add-slash, -f Append / to each request (default: false)
--discover-backup, --db Also search for backup files by appending multiple backup extensions (default: false)
--exclude-length value, --xl value exclude the following content lengths (completely ignores the status). You can separate multiple lengths by comma and it also supports ranges like 203-206
--help, -h show help
I know Gobuster have plenty of functionalities, but some of them just don't appear on "--help", like "-b". Why?