Fuzzing
About
Fuzzing is a technique involves inputting massive amounts of random data, called fuzz, to the test subject in an attempt to make it crash, hack or behave useful for us.
Ffuf
Command
Description
ffuf -h
ffuf help
ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/FUZZ
Directory Fuzzing
ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/indexFUZZ
Extension Fuzzing
ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/page/FUZZ.php
Page Fuzzing
ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/FUZZ -recursion -recursion-depth 1 -e .php -v
Recursive Fuzzing
ffuf -w wordlist.txt:FUZZ -u https://FUZZ.amogus.com/
Sub-domain Fuzzing
ffuf -w wordlist.txt:FUZZ -u http://amogus.com:PORT/ -H 'Host: FUZZ.amogus.com' -fs xxx
VHost Fuzzing
ffuf -w wordlist.txt:FUZZ -u http://admin.amogus.com:PORT/admin/admin.php?FUZZ=key -fs xxx
Parameter Fuzzing - GET
ffuf -w wordlist.txt:FUZZ -u http://admin.amogus.com:PORT/admin/admin.php -X POST -d 'FUZZ=key' -H 'Content-Type: application/x-www-form-urlencoded' -fs xxx
Parameter Fuzzing - POST
ffuf -w ids.txt:FUZZ -u http://admin.amogus.com:PORT/admin/admin.php -X POST -d 'id=FUZZ' -H 'Content-Type: application/x-www-form-urlencoded' -fs xxx
Value Fuzzing
Wordlists
Command
Description
/opt/useful/SecLists/Discovery/Web-Content/directory-list-2.3-small.txt
Directory/Page Wordlist
/opt/useful/SecLists/Discovery/Web-Content/web-extensions.txt
Extensions Wordlist
/opt/useful/SecLists/Discovery/DNS/subdomains-top1million-5000.txt
Domain Wordlist
/opt/useful/SecLists/Discovery/Web-Content/burp-parameter-names.txt
Parameters Wordlist
Last updated