2.3.1 File & Directory Brute-Force
File and Directory Enumeration
Gobusterβ
βGobuster - a tool used to brute-force URIs including directories and files as well as DNS subdomains.
BurpSuiteβ
βBurpSuite - an integrated platform for performing security testing of web applications.
Dirb - a tool to brute force URIs, more similar to Gobuster
Other Tools
In addition, we can use Nmap nse-scripts, WeFuzz and custom script with the help of a strong dictionary.