2.3.1 File & Directory Brute-Force

File and Directory Enumeration

Gobuster​

​Gobuster - a tool used to brute-force URIs including directories and files as well as DNS subdomains.

GobusterPractical Ethical Hacker (CEH) Tools

BurpSuite​

​BurpSuite - an integrated platform for performing security testing of web applications.

Burp SuitePractical Ethical Hacker (CEH) Tools

Dirb

Dirb - a tool to brute force URIs, more similar to Gobuster

DirbPractical Ethical Hacker (CEH) Tools

Other Tools

In addition, we can use Nmap nse-scripts, WeFuzz and custom script with the help of a strong dictionary.