DirBuster
E721452
DirBuster is a web application penetration testing tool used to brute-force and discover hidden directories and files on web servers.
All labels observed (1)
| Label | Occurrences |
|---|---|
| DirBuster canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T8249224 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
NED1
Entity disambiguation (via context triple)
gpt-5-mini-2025-08-07
Target entity: DirBuster Context triple: [dirb, similarTo, DirBuster]
-
A.
dirb
dirb is a web content scanner used in penetration testing to brute-force and discover hidden files and directories on web servers.
-
B.
OWASP ZAP
OWASP ZAP (Zed Attack Proxy) is an open-source web application security testing tool used to find vulnerabilities in web applications.
-
C.
Burp Suite
Burp Suite is a popular integrated platform for web application security testing, widely used by penetration testers to identify and exploit vulnerabilities.
-
D.
John the Ripper
John the Ripper is a widely used open-source password cracking tool designed for security auditing and penetration testing.
-
E.
sqlmap
sqlmap is an open-source penetration testing tool that automates the detection and exploitation of SQL injection vulnerabilities in web applications.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
NED2
Entity disambiguation (via description)
gpt-5-mini-2025-08-07
Target entity: DirBuster Target entity description: DirBuster is a web application penetration testing tool used to brute-force and discover hidden directories and files on web servers.
-
A.
dirb
dirb is a web content scanner used in penetration testing to brute-force and discover hidden files and directories on web servers.
-
B.
OWASP ZAP
OWASP ZAP (Zed Attack Proxy) is an open-source web application security testing tool used to find vulnerabilities in web applications.
-
C.
Burp Suite
Burp Suite is a popular integrated platform for web application security testing, widely used by penetration testers to identify and exploit vulnerabilities.
-
D.
John the Ripper
John the Ripper is a widely used open-source password cracking tool designed for security auditing and penetration testing.
-
E.
sqlmap
sqlmap is an open-source penetration testing tool that automates the detection and exploitation of SQL injection vulnerabilities in web applications.
- F. None of above. chosen
Statements (49)
| Predicate | Object |
|---|---|
| instanceOf |
directory brute-forcing tool
ⓘ
security testing software ⓘ web application security tool ⓘ |
| canDiscover |
backup files
ⓘ
configuration files ⓘ hidden directories ⓘ hidden files ⓘ unlinked resources ⓘ |
| category |
directory and file enumeration tools
ⓘ
penetration testing tools ⓘ web application security tools ⓘ |
| commonlyIncludedIn |
Kali Linux
NERFINISHED
ⓘ
penetration testing distributions ⓘ |
| detectsBy |
HTTP status codes
ⓘ
response content patterns ⓘ response size differences ⓘ |
| developedBy | OWASP NERFINISHED ⓘ |
| distributedAs | open source software ⓘ |
| hasInterface |
command-line interface
ⓘ
graphical user interface ⓘ |
| license | GPL-like open source license ⓘ |
| partOf | OWASP projects NERFINISHED ⓘ |
| primaryFunction |
brute-force directories on web servers
ⓘ
discover hidden files on web servers ⓘ enumerate content on web applications ⓘ |
| requiresPlatform | Java Runtime Environment NERFINISHED ⓘ |
| runsOn |
Linux
NERFINISHED
ⓘ
Windows NERFINISHED ⓘ macOS NERFINISHED ⓘ |
| securityImpact | helps identify attack surface on web applications ⓘ |
| supportsFeature |
basic authentication brute-forcing support
ⓘ
custom wordlists ⓘ file extension brute-forcing ⓘ multi-threaded scanning ⓘ proxy support ⓘ recursive directory brute-forcing ⓘ status code-based result filtering ⓘ user-agent customization ⓘ |
| supportsProtocol |
HTTP
NERFINISHED
ⓘ
HTTPS ⓘ |
| typicalUsers |
bug bounty hunters
ⓘ
penetration testers ⓘ security researchers ⓘ |
| usedFor |
content discovery on HTTP servers
ⓘ
information gathering in security assessments ⓘ web application penetration testing ⓘ |
| usesTechnique |
HTTP response analysis
ⓘ
dictionary-based brute-forcing ⓘ |
| writtenInLanguage | Java NERFINISHED ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
Instruction
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Input
Subject: DirBuster Description of subject: DirBuster is a web application penetration testing tool used to brute-force and discover hidden directories and files on web servers.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.