Gobuster is a tool used to brute-force URIs, DNS subdomains, and Virtual Hostnames.
Fuzzing or fuzz testing is an automated technique that involves providing a large variety of input data, hoping to induce an unexpected response.
Fuzzing for Local File Inclusion
gobuster dir -u "http://203.0.113.10/view.php?page=" -w /usr/share/wordlists/lfi_list.txtTechniques to either guess or confirm valid directories. Directory enumeration is often a web application attack, though it can also be leveraged on any system with a directory structure.
Using dir mode, specify wordlist, extensions, and thread count
gobuster dir -u "http://203.0.113.10/files_directory/" -w /usr/share/wordlists/apache_file_list.txt -x php,js,txt -t 18