You have already learned about Penetration testing tools. DirBuster is a penetration testing tool. It is using to brute force directories and file names on web/application servers. DirBuster is with a Graphic User Interface and under the LGPL-2 license. In case of enjoying the command-line, you can also use DIRB. Keep in mind that if you wish to use DirBuster or DIRB on a website or application, you need to have permission. Otherwise is ILLEGAL. So, you must be in a controlled environment and given a specific URL such as in the NCL Games or a different CTF or have a penetration testing contract with a company. This article presents Introducing and Install DirBuster On Kali Linux Server. Choose your preferred package on Eldernode to purchase a Linux VPS with the best price and support.
Table of Contents
Introducing and Install DirBuster On Kali Linux Server
What Is DirBuster And How It Works On Kali Linux?
DirBuster is a multi-threaded Java application developed by OWASP designed to brute force directories and file names on web/application servers. it’s a GUI application and comes with Kali Linux. DirBuster searches for hidden pages and directories on a web server and finds them. As a developer, you may leave a page accessible, but unlinked. Here is where DirBuster plays its role to find these potential vulnerabilities. So, you can use it to increase the security of your application by finding content on the webserver or within the application that is not required.
You will also be able to understand that simply not linking to a page does not mean it can not be accessed. The way it works and its methods are very simple. You should point at a URL and a port like 80 or 443. Then provide it with a wordlist. And finally, it sends HTTP GET requests to the website and listens for the site’s response. DirBuster works by identifying content within the application or on the web server that isn’t required.
How to use DirBuster on Kali
There are 2 ways to start the DirBuster application.
1- Start with the DirBuster icon: You can search and type “DirBuster” in the menu of Kali Linux. Then click on the icon and let the app start.
2- Start with the Terminal: You can also start DirBuster with the terminal by running the command below:
dirbuster
Using both above methods will show you a user interface that allows you to list files and directories from a Web URL in port 80. Once the DirBuster starts, you should continue the below steps:
1- Set target URL and number of Threads
2- Select a list of possible directories and files
3- Start brute force scan
4- Generate the report (optional)
DirBuster Features (Article Introducing and Install DirBuster On Kali)
Additional to the above explanations about DirBuster, there are more benefits to use this simple but powerful tool.
1- Workover HTTP and HTTPS
2- Scans for both files and directories
3- Scan recursively into the directories it identifies, providing more in-depth searches
4- The ability to start on any directory
5- The ability to perform brute force or a list-based scan
6- Perform brute force scans at super high speeds
7- Provide its own collection of wordlist
8- Allow users to make their own wordlist
DirBuster Disadvantages
Like any other tool, DirBuster showed some behaviors that users reported as its negative points. let’s have a look:
– Too noisy
– Service may disturb with an extensive amount of requests
– Brute force may be stopped when there are many error responses
How To Install DirBuster On Kali Linux Step By Step
DirBuster comes by default with Kali Linux. You just need to run the following command to install DirBuster and any other packages on which it depends:
sudo apt-get install dirbusterIn this way, you can launch DirBuster from the Kali Linux with the below path:
Web Application Analysis >> Web Crawlers and Directory Brute >> Dirbuster
How to uninstall DirBuster on Kali
Any time you decided to uninstall DirBuster, you can run the following command to remove just the DirBuster package itself.
sudo apt-get remove dirbusterBut if you wish to remove the DirBuster package and any other dependant packages which are no longer need, type:
sudo apt-get remove --auto-remove dirbusterAlso, you can use the command below to delete your local/config files for DirBuster. You must run this command with care since Purged config/data can not be restored by reinstalling the package.
sudo apt-get purge dirbusterOr similarly, like this DirBuster
sudo apt-get purge --auto-remove dirbusterConclusion
In this article, DirBuster was introduced to you and you learned How to learn DirBuster on Kali Linux. If you have already installed this tool, let your friends know about your experience and add more details on Eldernode Community.
