Web application – OWASP DirBuster

OWASP DirBuster is a multi-threaded Java application designed to brute-force directory and file names on web/application servers. It is now often the case that what looks like a web server in a default installation state is actually not, and has pages and applications hidden within it. DirBuster attempts to find these.

BackTrack 5 R1

/pentest/web/dirbuster

1. root@bt:/pentest/web/dirbuster# java -jar DirBuster-0.12.jar

2. Target URL = url
3. File with list (Browse) = directory-list-lowercase-2.3-medium

options for dir/files in

apache-user-enum-1.0
apache-user-enum-2.0
directory-list-1.0
directory-list-2.3-big
directory-list-2.3-medium
directory-list-2.3-small
directory-list-lowercase-2.3-big
directory-list-lowercase-2.3-medium
directory-list-lowercase-2.3-small

4. Start

Web codes

200 OK
201 Created
202 Accepted
203 Non-Authoritative Information
204 No Content
205 Reset Content
206 Partial Content
301 Moved Permanently
302 Found
304 Not Modified
305 Use Proxy
307 Temporary Redirect
400 Bad Request
401 Unauthorized
402 Payment Required
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Required
408 Request Timeout
409 Conflict
410 Gone
411 Length Required
412 Precondition Failed
413 Request Entity Too Large
414 Request-URI Too Long
415 Unsupported Media Type
416 Requested Range Not Satisfiable
417 Expectation Failed
500 Internal Server Error
501 Not Implemented
502 Bad Gateway
503 Service Unavailable
504 Gateway Timeout
505 HTTP Version Not Supported
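
Seen from the server side, a wordlist run like the one above shows up in the access log as one client requesting many distinct paths and receiving mostly 404 (and some 401/403) responses. The following is an added example, not part of the original post or of DirBuster: a small log check that flags such clients. The log lines are constructed, and the thresholds (min_paths, min_miss_ratio) are illustrative assumptions to tune per site.

```python
import re
from collections import defaultdict

# Common Log Format prefix: client, timestamp, request line, status code.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')

# Constructed sample access log (documentation addresses, made-up paths).
SAMPLE_LOG = "\n".join(
    [f'203.0.113.7 - - [01/Jan/2024:10:00:{i:02d} +0000] "GET /{w}/ HTTP/1.1" {s} 0'
     for i, (w, s) in enumerate([("admin", 403), ("backup", 404), ("test", 404),
                                 ("old", 404), ("cgi-bin", 403), ("tmp", 404),
                                 ("dev", 404), ("images", 200), ("db", 404),
                                 ("private", 404)])]
    + ['198.51.100.20 - - [01/Jan/2024:10:01:00 +0000] "GET / HTTP/1.1" 200 512',
       '198.51.100.20 - - [01/Jan/2024:10:01:02 +0000] "GET /images/ HTTP/1.1" 200 900',
       '198.51.100.20 - - [01/Jan/2024:10:01:05 +0000] "GET /favicon.ico HTTP/1.1" 404 0',
       'not a log line']
)

def summarize(log_text):
    """Per-client totals: requests, distinct paths, and 'miss' responses."""
    stats = defaultdict(lambda: {"total": 0, "paths": set(), "misses": 0})
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        client, _method, path, status = m.groups()
        s = stats[client]
        s["total"] += 1
        s["paths"].add(path)
        # 404 = name does not exist; 401/403 = exists but access is denied.
        if status in ("401", "403", "404"):
            s["misses"] += 1
    return stats

def flag_enumeration(log_text, min_paths=8, min_miss_ratio=0.7):
    """Return clients whose traffic looks like wordlist-driven path guessing.

    Thresholds are illustrative assumptions, not values from the original page.
    """
    flagged = {}
    for client, s in summarize(log_text).items():
        ratio = s["misses"] / s["total"]
        if len(s["paths"]) >= min_paths and ratio >= min_miss_ratio:
            flagged[client] = round(ratio, 2)
    return flagged

if __name__ == "__main__":
    print(flag_enumeration(SAMPLE_LOG))
```

A normal visitor who hits one missing favicon stays well under both thresholds, so only the client walking a list of names is reported.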