Disclaimer: Use this tool only when required and take a written permission of the client/friend whom you wanna target/enumerate with. This tool is written in Go Lang and is very powerful in it’s own ways.
Gobuster is a tool used to brute-force URIs including directories and files as well as DNS subdomains.
After enumeration we come to this:
Installed size: 7.23 MB
How to install: sudo apt install gobuster
gobuster
root@kali:~# gobuster -h
Usage:
gobuster [command]
Available Commands:
dir Uses directory/file enumeration mode
dns Uses DNS subdomain enumeration mode
fuzz Uses fuzzing mode
help Help about any command
s3 Uses aws bucket enumeration mode
version shows the current version
vhost Uses VHOST enumeration mode
Flags:
--delay duration Time each thread waits between requests (e.g. 1500ms)
-h, --help help for gobuster
--no-error Don't display errors
-z, --no-progress Don't display progress
-o, --output string Output file to write results to (defaults to stdout)
-p, --pattern string File containing replacement patterns
-q, --quiet Don't print the banner and other noise
-t, --threads int Number of concurrent threads (default 10)
-v, --verbose Verbose output (errors)
-w, --wordlist string Path to the wordlist
Use "gobuster [command] --help" for more information about a command.
Further digging around the Rabbit Hole...
And more using the flags etc...
Finding the mail port open and then recon over that!
This can be further investigated using some offensive security tricks, lemme know down below of what's going on your mind.
Happy Cr@ck1ng!