This is a network optimized website enumeration tool

Simple Scan: (20 threads)

#gobuster dir -u http://192.168.26.103/ -w /usr/share/seclists/Discovery/Web-Content/directory-list-2.3-medium.txt -t 20

Faster scan with extension checks:

(May need to slow it down depending on your system)

#gobuster dir -u http://192.168.27.200/ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x html,asp,htm,aspx,php,pl,js,txt,sh -t 40

Windows:

Windows is not case sensitive so you can speed up IIS scans with the lowercase only directory list.

#gobuster dir -u http://10.10.10.121/ -w /usr/share/seclists/Discovery/Web-Content/directory-list-lowercase-2.3-medium.txt -t 50 -x html,txt,asp,aspx,htm,htx,idq,crl,idc,inc,asa,svc,ida,eqibrw,update,hsh,js

Common Dir Flags:

-e print full paths

-s show certain status codes only. (comma separate)

-x check for specified file extensions (-x pl, sh, php, html, txt)

There are several other common non-language extensions that people give backup files (bak, bac, old, _bak, 000, ~, 1, 01, 2, inc, xxx)

-l show body length of response

-U / -P try a username and password

-k ignore ssl check