In this article, I will write a Gobuster: The Basics that covers Environment and Setup, Gobuster: Introduction, Use Case: Directory and File Enumeration, Use Case: Subdomain Enumeration, and Use Case: Vhost Enumeration.
<ol>
<li>What flag to we use to specify the target URL? <code>-u</code>
</li>
<li>What command do we use for the subdomain enumeration mode? <code>dns</code>
</li>
<li>Which flag do we have to add to our command to skip the TLS verification? Enter the long flag notation. <code>--no-tls-validation</code>
</li>
<li>Enumerate the directories of <a href="http://www.offensivetools.thm" class="autolinkedURL autolinkedURL-url" target="_blank">offensivetools.thm</a>. Which directory catches your attention? <code>secret</code>
</li>
<li>Continue enumerating the directory found in question 2. You will find an interesting file there with a .js extension. What is the flag found in this file? <code>THM{ReconWasASuccess}</code>
</li>
<li>Apart from the dns keyword and the -w flag, which shorthand flag is required for the command to work? <code>-d</code>
</li>
<li>Use the commands learned in this task, how many subdomains are configured for the offensivetools.thm domain? <code>4</code>
</li>
<li>Use the commands learned in this task to answer the following question: How many vhosts on the offensivetools.thm domain reply with a status code 200? <code>4</code>
</li>
</ol>
Thank you for reading my article. Please leave any questions or comments on improving my learning journey and the THM challenges. We can also connect more on <a target="_blank" href="https://www.linkedin.com/in/sharon-jebitok">LinkedIn</a> or <a target="_blank" href="https://x.com/SharonJebitok">X</a>.

In this article, I will write a Gobuster: The Basics that covers Environment and Setup, Gobuster: Introduction, Use Case: Directory and File Enumeration, Use Case: Subdomain Enumeration, and Use Case: Vhost Enumeration.

1. What flag to we use to specify the target URL? `-u`
    
2. What **command** do we use for the subdomain enumeration mode? `dns`
    
3. Which flag do we have to add to our command to skip the TLS verification? Enter the long flag notation. `--no-tls-validation`
    
4. Enumerate the directories of www.offensivetools.thm. Which directory catches your attention? `secret`
    
5. Continue enumerating the directory found in question 2. You will find an interesting file there with a .js extension. What is the flag found in this file? `THM{ReconWasASuccess}`
    
6. Apart from the dns keyword and the -w flag, which **shorthand flag** is required for the command to work? `-d`
    
7. Use the commands learned in this task, how many subdomains are configured for the offensivetools.thm domain? `4`
    
8. Use the commands learned in this task to answer the following question: How many vhosts on the offensivetools.thm domain reply with a status code 200? `4`
    

Thank you for reading my article. Please leave any questions or comments on improving my learning journey and the THM challenges. We can also connect more on [**LinkedIn**](https://www.linkedin.com/in/sharon-jebitok) or [**X**](https://x.com/SharonJebitok)**.**

Offensive Security Tooling: Gobuster: The Basics (TryHackMe)