@FUBAR said:
What is your opinion on using dirbuster/gobuster for a vulnerability scan? it is technically a brute forcer but it would be interesting to see what hidden directories can be found.
Can that fall under a vulnerability assessment? (I did already get permission to use it as well, I’m just unsure if I should because I want to err on the safe safe)
IMHO the answer is “it depends” and I get that isn’t very helpful.
So it is a brute forcer but if you get approval from the system owner to do this, then you should be ok to run it. Generally speaking, they just generate a huge number of GET requests so any concerns are likely to hinge on resource utilisation/exhaustion.
For example, if you have approval to run a VA scan without DOS checks, you might not want to run directory scans.
**But it depends. **
If you can modify the scan to make it less aggressive it might be OK. If you run rockyou against multiple extensions with hundreds of concurrent threads, you may well cause a problem.