OWASP/Training/OWASP DirBuster Project
|OWASP DirBuster Project|
|Overview & Goal|
|DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers. Often is the case now of what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. DirBuster attempts to find these.
Attempt to find hidden pages/directories and directories with a web application, thus giving a another attack vector (For example. Finding an unlinked to administration page).
Exploit anything it finds. This is not the purpose of DirBuster. DirBuster sole job is to find other possible attack vectors.
By finding content on the web server or within the application that is not required.
By helping developers understand that by simply not linking to a page does not mean it can not be accessed.