ffuf

Fuzz Faster U Fool

git clone https://github.com/ffuf/ffuf ; cd ffuf ; go get ; go build

#Usage

ffuf -w /path/to/wordlist -u https://target/FUZZ


ffuf -u https://FUZZ.example.com -w wordlist.txt -mc 200,301,302,403 (Match status code)

ffuf -u https://example.com/FUZZ -w wordlist.txt -recursion (search recursively)

ffuf -u https://example.com/FUZZ -w wordlist.txt -e .bak,.zip (Fuzz extensions)

ffuf -w raft-large-files.txt -u 'https://test.com/?lang=FUZZ' -mc 200 -fs 74763 

(-fs filters out responses with a size of 74763; check which response size the majority of requests return and filter that size out)
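
The "check what majority response you get" step can be read from ffuf's JSON report instead of by eye. This is an added example, not part of the original page: it picks the dominant response size and falls back to word or line count when the size varies. The field names `length`, `words` and `lines` are assumed to match ffuf's `-of json` output, and the sample rows are constructed.

```python
import json
from collections import Counter

# Metric -> ffuf filter flag. Field names are assumed to match ffuf's JSON
# output (-o results.json -of json); adjust if your version differs.
METRIC_FLAGS = (("length", "-fs"), ("words", "-fw"), ("lines", "-fl"))


def load_results(json_text):
    """Return the list of result rows from an ffuf JSON report."""
    return json.loads(json_text).get("results", [])


def suggest_filter(results, min_share=0.8):
    """Return (flag, value, share) for the dominant response shape, or None.

    Size is tried first; word and line counts cover pages that echo the
    fuzzed value, where the size changes with every request.
    """
    if not results:
        return None
    for field, flag in METRIC_FLAGS:
        value, count = Counter(r[field] for r in results).most_common(1)[0]
        share = count / len(results)
        if share >= min_share:
            return flag, value, share
    return None  # no dominant baseline: do not filter blindly


def make_row(word, length, words, lines, status=200):
    """Build one constructed result row in the assumed ffuf JSON shape."""
    return {"input": {"FUZZ": word}, "status": status,
            "length": length, "words": words, "lines": lines}


# Constructed sample: unknown values all return the same 74763-size page.
STATIC = [make_row(f"w{i}", 74763, 4100, 900) for i in range(18)] + [
    make_row("admin.php", 1280, 60, 25), make_row("backup.zip", 52011, 3, 1)]

# Constructed sample: the page echoes the value, so only the size varies.
REFLECTED = [make_row("x" * n, 5000 + n, 312, 80) for n in range(1, 19)] + [
    make_row("debug", 9120, 700, 150), make_row("fr", 6400, 355, 95)]

if __name__ == "__main__":
    for name, rows in (("static", STATIC), ("reflected", REFLECTED)):
        report = json.dumps({"results": rows})  # stands in for results.json
        print(name, suggest_filter(load_results(report)))
```

Run the baseline scan without `-fs`/`-fw`/`-fl` so the majority response is still present in the report being analysed.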

ffuf -w /usr/share/seclists/Discovery/Web-Content/directory-list-2.3-big.txt -u 'https://example.com/?secure_scheme=true/FUZZ' -fc 400,401,402,403,404,429,500,501,502,503 -recursion -recursion-depth 2 -e .html,.php,.txt,.pdf,.js,.css,.zip,.bak,.old,.log,.json,.xml,.config,.env,.asp,.aspx,.jsp,.gz,.tar,.sql,.db -ac -c -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0" -H "X-Forwarded-For: 127.0.0.1" -H "X-Originating-IP: 127.0.0.1" -H "X-Forwarded-Host: localhost" -t 100 -r 
