DirBuster

DirBuster is a graphical tool designed for web application directory brute-forcing. When integrated with Kali Linux, a favored distribution for penetration testing, DirBuster becomes a valuable asset for discovering hidden directories and potential vulnerabilities within web applications. In this guide, we'll explore the features, installation process, and how to effectively run DirBuster on Kali Linux.

Features

  • DirBuster specializes in brute-forcing directories and files on web servers, providing a user-friendly interface for efficient discovery of hidden paths.
  • It comes with predefined directory lists categorized by name and application type, enabling users to choose the most suitable list for their specific testing scenario.
  • Users can specify file extensions to search for, offering insights into the types of files present on the web server.
  • DirBuster supports both HTTP and HTTPS protocols, making it adaptable to various web application environments.
  • DirBuster allows users to save and resume sessions, facilitating long-duration scans and ensuring continuity in the event of interruptions.

Installation

While DirBuster is not pre-installed on Kali Linux, users can install it with the following steps:

 

After installation, users can launch DirBuster from the Kali Linux application menu or by running dirbuster in the terminal.

Running

  1. Open a terminal and run dirbuster to start the graphical interface.
  2. Enter the target URL in the "URL" field.
  3. Choose a directory list from the "Directory List" dropdown or provide a custom list.
  4. Configure other settings, such as threads, file extensions, and authentication if necessary.
  5. Click the "Start Attack" button to initiate the directory brute-force scan.
  6. DirBuster will display the progress and discovered directories in real time. Once the scan is complete, users can review the results and identify potentially interesting paths.
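
On the server side, a scan like the one in the steps above shows up in the access log as one client requesting many distinct paths, most of them answered with 404. The following is an added example, not part of the original article or of DirBuster; the log format, thresholds, addresses and sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Combined/common log format: client, two ids, [time], "METHOD path proto", status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*" (\d{3}) ')

def find_enumeration(lines, min_paths=20, min_miss_ratio=0.8):
    """Flag clients that request many distinct paths, most of which do not exist.

    Thresholds are illustrative assumptions; tune them against normal traffic.
    """
    paths, misses = defaultdict(set), defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not an access-log line in the expected format
        ip, path, status = m.group(1), m.group(2).split("?", 1)[0], int(m.group(3))
        paths[ip].add(path)
        if status == 404:
            misses[ip].add(path)
    flagged = {}
    for ip, seen in paths.items():
        if len(seen) >= min_paths and len(misses[ip]) / len(seen) >= min_miss_ratio:
            flagged[ip] = {
                "distinct_paths": len(seen),
                "not_found": len(misses[ip]),
                # Paths that answered with something other than 404: what the
                # scan learned, and what to review for unintended exposure.
                "found": sorted(seen - misses[ip]),
            }
    return flagged

def sample_log():
    """Constructed log lines: one wordlist-driven client and one ordinary visitor."""
    ts = "[10/Mar/2024:10:00:00 +0000]"
    exists = {"/admin/": 403, "/backup/": 200}
    guesses = list(exists) + [f"/guess{i}/" for i in range(38)]
    lines = [f'198.51.100.7 - - {ts} "GET {p} HTTP/1.1" {exists.get(p, 404)} 0 "-" "-"'
             for p in guesses]
    visitor = {"/": 200, "/index.html": 200, "/about.html": 200, "/favicon.ico": 404}
    lines += [f'203.0.113.9 - - {ts} "GET {p} HTTP/1.1" {s} 0 "-" "-"'
              for p, s in visitor.items()]
    return lines

if __name__ == "__main__":
    for ip, info in find_enumeration(sample_log()).items():
        print(ip, info)
```

The "found" list is the part worth acting on: each entry is a path the wordlist hit, so it should either be intended to be public or be removed or access-controlled.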
