Feroxbuster β
TIP
Feroxbuster is a fast, simple, recursive content discovery tool written in Rust, used for brute-forcing directories and files on web servers.
π Official Resources β
π Common Commands β
| Task | Command |
|---|---|
| Basic directory brute-forcing | feroxbuster -u https://target.com -w wordlist.txt |
| Recursive scan | feroxbuster -u https://target.com -w wordlist.txt -r |
| Scan multiple URLs | feroxbuster -u https://target.com,https://example.com -w wordlist.txt |
π·οΈ Useful Flags β
| Flag | Description |
|---|---|
-u | Target URL(s) |
-w | Wordlist file |
-r | Recursive mode |
-t | Number of concurrent threads |
-x | File extension(s) to search for (e.g., -x php,txt) |
-o | Output file |
-H | Add custom header |
-k | Ignore SSL certificate errors |
WARNING
Always have permission before brute-forcing with Feroxbuster. Unauthorized testing is illegal and unethical.
π Resources β
π HTB CTF Go-To Command β
A common Feroxbuster command for recursive directory brute-forcing in HTB CTFs:
bash
feroxbuster -u http://10.10.10.10 -w /usr/share/seclists/Discovery/Web-Content/raft-medium-directories.txt -r -o feroxbuster_results.txt-u: Target URL (replace with the actual target IP)-w: Wordlist path-r: Recursive mode-o: Output results to a file