High-risk tools in Gobuster
7 of the 10 tools in Gobuster are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
gobuster_dirExecuteDirectory/file enumeration mode - discovers hidden directories and files on web servers using wordlist-based brute forcing. Executes on remote Kali host via SSH.
-
gobuster_dnsExecuteDNS subdomain enumeration mode - discovers subdomains for a target domain using wordlist-based brute forcing. Executes on remote Kali host via SSH.
-
gobuster_fuzzExecuteFuzzing mode - replaces the FUZZ keyword in URLs, headers, or POST data with wordlist entries. Useful for parameter discovery and testing. Executes on remote Kali host via SSH.
-
gobuster_s3ExecuteAmazon S3 bucket enumeration mode - discovers open S3 buckets using wordlist-based brute forcing. Executes on remote Kali host via SSH.
-
gobuster_stopExecuteStop a running asynchronous gobuster scan
-
gobuster_tftpExecuteTFTP file enumeration mode - discovers files on TFTP servers. Executes on remote Kali host via SSH.
-
gobuster_vhostExecuteVirtual host enumeration mode - discovers virtual hosts on a web server by brute forcing Host header values. Executes on remote Kali host via SSH.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.