### 디렉토리 및 파일 열거 dir
```bash
gobuster dir -u <IP> -w <wordlist> -x php,html,txt -t 50
```
- `-b 403,404`: 무시할 상태 코드 지정
- `-k`: SSL 인증서 무시 (https 접속 시 유용)
### API endpoint
```bash
# pattern.txt
{GOBUSTER}/v1
# gobuster
gobuster dir -u http://<IP> -w wordlist -p pattern.txt
```
### DNS subdomain
```bash
gobuster dns -d target.com -w <wordlist> -t 50
```
### VHost
```bash
gobuster vhost -u http://target.com -w <wordlist> -t 50
```
### S3 bucket
```bash
gobuster s3 -w buckets.txt
```
### Wordlists
```bash
/usr/share/wordlists/dirbuster/directory-list-2.3-small.txt (or medium)
/usr/share/seclists/Discovery/Web-Content/common.txt
/usr/share/seclists/Discovery/Web-Content/api/api-endpoints.txt (API)
/usr/share/wordlists/dirb/big.txt
```