X0NE 1 year ago

FFUF cheat sheet for penetration testers

ffuf (short for "Fuzz Faster U Fool") is a powerful and fast web fuzzer written in Go programming language.

# FFUF: Directory Scanning


# Basic directory scan with wordlist

ffuf -w /path/to/wordlist.txt -u http://target/FUZZ


# Recursively scan directories with 2XX status codes only

ffuf -w /path/to/wordlist.txt -u http://target/FUZZ/FUZZ -recursion -recursion-depth 2 -mc 200


# FFUF: Virtual Host Scanning


# Scan virtual hosts with wordlist

ffuf -w /path/to/wordlist.txt -u http://FUZZ.target/ -H "Host: FUZZ.target"


# FFUF: LFI Fuzzing


# Basic LFI fuzzing with ../

ffuf -w /path/to/wordlist.txt -u http://target/file.php?file=../../FUZZ


# Advanced LFI fuzzing with nullbyte (%00) termination

ffuf -w /path/to/wordlist.txt -u "http://target/file.php?file=../FUZZ%00"


# FFUF: Extension Fuzzing


# Fuzzing file extensions with custom wordlist

ffuf -w /path/to/wordlist.txt -u http://target/file.FUZZ


# Fuzzing multiple extensions at once

ffuf -w /path/to/extensions.txt -u http://target/file.FUZZ


# FFUF: Page Fuzzing


# Fuzzing parameter values on a specific page

ffuf -w /path/to/wordlist.txt -u http://target/page.php?id=FUZZ


# Advanced page fuzzing with cookies and headers

ffuf -w /path/to/wordlist.txt -u http://target/page.php -b "cookie1=value1; cookie2=value2" -H "Authorization: Bearer FUZZ"


# General Tips:


# -w : Specifies the wordlist file

# -u : Specifies the target URL with FUZZ as the placeholder

# -mc : Match only specified HTTP status codes (e.g., -mc 200,404)

# -recursion : Enable directory recursion

# -recursion-depth : Set recursion depth level

# -H : Set custom header (e.g., Host for virtual host scanning)

# -b : Set custom cookies for requests

# %00 : Nullbyte termination for LFI fuzzing


0
1.8K
Top 10 Phishing Tools

Top 10 Phishing Tools

defaultuser.png
lazyhacker
1 year ago
How Computer Viruses Operate

How Computer Viruses Operate

https://lh3.googleusercontent.com/a/ACg8ocIkM8EGIx0gz9GUP_nM6_sMxivr6876Wp0e9MAp6mGc=s96-c
xone
8 months ago
What is penetration testing?

What is penetration testing?

https://lh3.googleusercontent.com/a/ACg8ocIkM8EGIx0gz9GUP_nM6_sMxivr6876Wp0e9MAp6mGc=s96-c
xone
7 months ago
Awkward HTB Writeup | HacktheBox

Awkward HTB Writeup | HacktheBox

https://lh3.googleusercontent.com/a/ACg8ocIkM8EGIx0gz9GUP_nM6_sMxivr6876Wp0e9MAp6mGc=s96-c
xone
8 months ago
one-line web server

one-line web server

defaultuser.png
lazyhacker
1 year ago