Disclaimer: Use this tool only when required and take a written permission of the client/friend whom you wanna target/enumerate with. This tool is written in Go Lang and is very powerful in it’s own ways.
Gobuster is a tool used to brute-force URIs including directories and files as well as DNS subdomains.
After enumeration we come to this:
How to install:
sudo apt install gobuster
root@kali:~# gobuster -h Usage: gobuster [command] Available Commands: dir Uses directory/file enumeration mode dns Uses DNS subdomain enumeration mode fuzz Uses fuzzing mode help Help about any command s3 Uses aws bucket enumeration mode version shows the current version vhost Uses VHOST enumeration mode Flags: --delay duration Time each thread waits between requests (e.g. 1500ms) -h, --help help for gobuster --no-error Don't display errors -z, --no-progress Don't display progress -o, --output string Output file to write results to (defaults to stdout) -p, --pattern string File containing replacement patterns -q, --quiet Don't print the banner and other noise -t, --threads int Number of concurrent threads (default 10) -v, --verbose Verbose output (errors) -w, --wordlist string Path to the wordlist Use "gobuster [command] --help" for more information about a command. Further digging around the Rabbit Hole... And more using the flags etc... Finding the mail port open and then recon over that! This can be further investigated using some offensive security tricks, lemme know down below of what's going on your mind. Happy Cr@ck1ng!