Medium word list is a good place to start. SecLists fuzzing lists as well; raft is a good one.
If target is linux (apache, etc); use the following extensions
If target is Windows; use the following extensions
gobuster -w /usr/share/wordlists/directory-list-lowercase-2.3-medium.txt -h http://<target> -o gobustlist
wfuzz -c -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt --hc 404 http://<target>/?FUZZ
Tee that out to a file to grep later.
OWASP ZAP tool is a decent free spidering tool.
Burp Suite Intruder and plugins are very useful for discovery.