is a multi-threaded Java application designed to brute force directories and files in web/application servers. It is useful in discovering resources that are not linked (directly) in the pages of the site, such as administration panels, backup files, and user directories.
DirBuster allows users to quickly and easily identify hidden files and directories on a web server.
1. High Speed Brute Force: DirBuster
is designed to be fast and powerful. It uses multiple threads to achieve high speeds when brute forcing.
2. Easy to Use: DirBuster has an easy to use interface. It provides options to customize the brute force process.
3. Wordlist Support: DirBuster can use wordlists of commonly used directories and filenames. This allows more control and accuracy in the brute force process.
4. GUI and Command Line Versions: DirBuster can be used in either a graphical user interface or from the command line.
5. Supports Proxies: DirBuster can use different types of proxies for anonymity.
6. Supports SSL: DirBuster can also be used to brute force SSL (HTTPS) connections.
7. Logging: DirBuster can log all of the discovered resources to a file.
8. Detects Redirects: DirBuster can detect when a page is being redirected and follow the redirect. This can be useful in discovering hidden resources.
9. Detects Forbidden: DirBuster can detect when a resource is forbidden. This can help in determining if a resource is protected.
10. Multi-Threaded: DirBuster is multi-threaded, allowing it to achieve high speeds when brute forcing.
11. Supports User Agents: DirBuster can use different types of user agents to change the way it appears to the server. This can help in bypassing security measures.
13. Supports POST Requests: DirBuster can use POST requests to send data to the server. This can be useful in bypassing security measures.
14. Supports HTTP Authentication: DirBuster can use HTTP authentication to access resources. This can be useful in bypassing security measures.
15. Supports FTP: DirBuster can also be used to brute force FTP servers. This can be useful in discovering hidden resources.
16. Supports SOCKS Proxies: DirBuster can use SOCKS proxies for greater anonymity.
17. Customizable Headers: DirBuster can use custom headers to bypass security measures.
18. Customizable Timeouts: DirBuster can be configured to use different timeouts when connecting to a server.
19. Automatic Updates: DirBuster can check for updates automatically, allowing you to always have the latest version.