ZeroTrace OSINT
Gobuster Builder
Build directory, DNS, S3-bucket, and vhost brute-force commands — with wordlist preview and timing guidance.
Gobuster is the workhorse brute-forcer for paths and DNS names. The builder configures its modes and assembles the command, with a wordlist preview so you can sanity-check the dictionary before kicking off a multi-hour run.
Modes supported
| Mode | What it does |
|---|---|
| dir | Brute-forces directory and file paths against a web URL |
| dns | Brute-forces subdomain names against a domain |
| vhost | Brute-forces virtual-host names against an IP |
| s3 | Brute-forces S3 bucket names |
| gcs | Brute-forces GCS bucket names |
| fuzz | Generic fuzzer with {GOBUSTER} placeholder |
Each mode has its own option set, exposed cleanly through the UI.
What you configure (dir mode)
| Section | Options |
|---|---|
| Target URL | The base URL |
| Wordlist | Path to a wordlist file (with preview) |
| Extensions | File extensions to append (.php, .html, .bak, etc.) |
| Status codes to keep | Default 200, 204, 301, 302, 307, 401, 403; configurable |
| Threads | Concurrency level |
| User-Agent | Custom UA, default UA, or random-from-set |
| Cookies / headers | Authentication or session context |
| Recursion | On / off |
| Timeout / delay | Per-request and inter-request |
Wordlist preview
When you supply a wordlist path, the builder fetches the first 4 KB and shows the first 20 lines. A quick sanity check that:
- The wordlist exists.
- It is the wordlist you meant.
- The shape (lowercase / mixed case, with extensions / without) matches what you expect.
For very long wordlists, the preview catches the "I selected the wrong file" mistake before it costs you an hour.
Per-mode timing guidance
The builder warns when your configuration will produce noisy scans:
- High thread counts against single targets.
- Very large wordlists with extensions that multiply effective requests.
- Recursion on a wordlist with many positive results — exponential explosion.
Brute-forcing paths or subdomains generates obvious scan traffic. Only run against targets you have permission to test. Many web application firewalls and bot-protection services block scans within seconds of detection.
Generated command
gobuster dir -u https://example.com -w /usr/share/wordlists/dirb/common.txt -x php,html,bak -t 50 -k -o gobuster-output.txt
The "copy command" affordance copies the command alone.
Save as profile
Wordlist + extension + thread combinations can be saved as profiles. "Quick PHP-app dir scan", "long deep DNS sweep", "S3 bucket name guesser" — load with one click.
Pivots
Gobuster output feeds into:
- Site analysis — per discovered path.
- HTTP methods tester — to enumerate methods on the discovered paths.
- Wayback archive — for historical context on each URL.
Sources
- The flag-explanation catalog is bundled.
- The wordlist preview reads from your local disk (no network call).
- No external sources are queried.