wfuzz
sudo apt install wfuzz
#Fuzzing virtual hosts (subdomains) via the Host header
wfuzz -c -w /usr/share/wordlists/dirb/big.txt -H 'Host: FUZZ.shuriken.local' -u 'http://10.10.10.10'
Every candidate that does not exist gets the server's default vhost back, so run once without filters, note the word (or char) count of that default response and hide it with --hw / --hh; otherwise every line in the output looks like a hit.
#Fuzzing a parameter name
Example target: http://192.168.101.143/search1.php?id=about.php
Fuzzing (the wordlist replaces the parameter name, the known value is kept):
wfuzz -c -w /usr/share/wordlists/dirb/big.txt -u 'http://192.168.101.143/search1.php?FUZZ=about.php' --hw 288
--hw 288 hides every response with exactly 288 words, i.e. the page the server returns when it does not recognise the parameter name. Find that number by running the same command without --hw first; any parameter whose response has a different word count deserves a closer look. --hl (lines), --hh (chars) and --hc (status code) filter the same way.
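To take the guesswork out of the --hw value, the helper below is an added example (not part of the original page and not wfuzz's own code). It reads a saved, unfiltered wfuzz run and prints the hide flag for the value most responses share, then shows which lines would survive that filter. It assumes wfuzz's default text output (columns ID, status, "N L", "N W", "N Ch", payload); the sample run embedded in the script is constructed for the search1.php example above.

```shell
#!/usr/bin/env bash
# Added example, not from the original page or wfuzz: derive a hide-filter
# from a saved, unfiltered wfuzz run. Run wfuzz once with no --hw/--hl/--hh,
# save the output (wfuzz ... > run.txt), then pipe it into the functions.
# Assumption: wfuzz's default text output, one result per line shaped like
#   000000003:   200        40 L     612 W      7841 Ch     "id"
# i.e. fields: ID, status, lines, "L", words, "W", chars, "Ch", payload.

# usage: wfuzz_baseline_filter lines|words|chars < run.txt
# Prints the --hl/--hw/--hh flag with the value shared by most responses,
# which is the "unknown parameter" baseline that --hw 288 hides above.
wfuzz_baseline_filter() {
    local metric=${1:-words} col flag
    case "$metric" in
        lines) col=3; flag=--hl ;;
        words) col=5; flag=--hw ;;
        chars) col=7; flag=--hh ;;
        *) echo "usage: wfuzz_baseline_filter lines|words|chars" >&2; return 2 ;;
    esac
    # keep only result lines (they start with the zero-padded request ID),
    # count how often each value of the chosen column occurs, print the winner
    grep -E '^[0-9]+:' | awk -v col="$col" -v flag="$flag" '
        { count[$col]++; total++ }
        END {
            best = ""; max = 0
            for (v in count) if (count[v] > max) { max = count[v]; best = v }
            if (best == "") exit 1
            # a baseline covering well under half the run is a poor filter
            if (max * 2 < total)
                printf "warning: baseline %s covers only %d of %d responses\n", best, max, total > "/dev/stderr"
            printf "%s %s\n", flag, best
        }'
}

# usage: wfuzz_survivors lines|words|chars < run.txt
# Prints the result lines that the derived filter would NOT hide,
# i.e. what wfuzz would show once the flag is applied.
wfuzz_survivors() {
    local metric=${1:-words} col run baseline
    case "$metric" in lines) col=3 ;; words) col=5 ;; chars) col=7 ;; *) return 2 ;; esac
    run=$(cat)   # buffer stdin: it is needed twice
    baseline=$(printf '%s\n' "$run" | wfuzz_baseline_filter "$metric" 2>/dev/null | awk '{print $2}')
    printf '%s\n' "$run" | grep -E '^[0-9]+:' | awk -v col="$col" -v b="$baseline" '$col != b'
}

# Constructed sample of an unfiltered run: three "unknown parameter"
# responses and one that differs (the candidate worth looking at).
WFUZZ_SAMPLE='000000001:   200        12 L     288 W      3170 Ch     "about"
000000002:   200        12 L     288 W      3170 Ch     "admin"
000000003:   200        40 L     612 W      7841 Ch     "id"
000000004:   200        12 L     288 W      3170 Ch     "user"'

printf '%s\n' "$WFUZZ_SAMPLE" | wfuzz_baseline_filter words   # prints: --hw 288
printf '%s\n' "$WFUZZ_SAMPLE" | wfuzz_survivors words         # prints only the "id" line
```

The warning on stderr matters: if no single value covers most of the run, the target is probably returning varying content (timestamps, tokens, rate limiting), and filtering on chars will hide almost nothing; filter on lines or status code instead, or use wfuzz's --filter expressions.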
#Attacking a login page
wfuzz -c -w pass.txt -d "username=redcliff&pass=FUZZ" --hc 200 http://10.10.10.10/login.php
-d sends the body as a POST request; no sudo is needed. --hc 200 assumes a failed login re-renders the form with a 200 while a success answers differently (typically a 302 redirect). Confirm that with one known-bad password before trusting the filter, otherwise a successful login can be hidden too.
#Looking for common directories
wfuzz -w wordlist/general/common.txt http://testphp.vulnweb.com/FUZZ
(wordlist/general/common.txt is the list shipped in the wfuzz source tree; adjust the path or point at a dirb / SecLists wordlist)
#Looking for common Files
wfuzz -w wordlist/general/common.txt http://testphp.vulnweb.com/FUZZ.php
#Fuzzing URLs
You often want to fuzz some sort of data in the URL's query string; put the FUZZ keyword in the URL after the question mark. -z range,0-10 generates the payloads 0 to 10 instead of reading a wordlist, and --hl 97 hides the 97-line baseline response seen when running without the filter.
wfuzz -z range,0-10 --hl 97 http://testphp.vulnweb.com/listproducts.php?cat=FUZZ
#Fuzzing a POST request
To fuzz form-encoded data the way an HTML form submits it, pass the body with -d (this also switches the request to POST):
wfuzz -z file,wordlist/others/common_pass.txt -d "uname=FUZZ&pass=FUZZ" --hc 302 http://testphp.vulnweb.com/userinfo.php
Every FUZZ in the request receives the same payload, so this only tests accounts whose username equals their password. To fuzz the two fields independently, give two payload sources and use FUZZ and FUZ2Z (-z file,users.txt -z file,passwords.txt -d "uname=FUZZ&pass=FUZ2Z"); --hc 302 hides the redirect a failed login returns here.