Ffuf

Description

ffuf is a fest web fuzzer written in Go that allows typical directory discovery, virtual host discovery (without DNS records) and GET and POST parameter fuzzing.

General Usage

Directory discoveryVhosts discoveryCustom extensionsRecursionProxy

ffuf -u http://10.10.10.10/FUZZ -w raft-large-words.txt

ffuf -u http://10.10.10.10 -H "Host: FUZZ.domain" -w raft-large-words.txt

ffuf -u http://10.10.10.10/FUZZ -e .php,.bak,.html -w raft-large-words.txt

ffuf -u http://10.10.10.10/FUZZ -recursion -w raft-large-words.txt

ffuf -u http://10.10.10.10/FUZZ -x http://127.0.0.1:8080 -w raft-large-words.txt

Filters & Matchers

HTTP status codesAmount of linesResponse sizeAmount of wordRegexp

Ignore 403 & 404 status code from response

ffuf -u http://10.10.10.10/FUZZ -fc 404,403 -w raft-large-words.txt

Match with response status code 200

ffuf -u http://10.10.10.10/FUZZ -mc 200 -w raft-large-words.txt

Ignore responses with 38 lines

ffuf -u http://10.10.10.10/FUZZ -fl 38 -w raft-large-words.txt

Match with responses that have 24 lines

ffuf -u http://10.10.10.10/FUZZ -ml 24 -w raft-large-words.txt

Ignores responses that have a size of 500 characters

ffuf -u http://10.10.10.10/FUZZ -fs 500 -w raft-large-words.txt

Match with responses that have a size of 33 characters

ffuf -u http://10.10.10.10/FUZZ -ms 33 -w raft-large-words.txt

Ignore responses with 55 words

ffuf -u http://10.10.10.10/FUZZ -fw 55 -w raft-large-words.txt

Match with responses that have 22 words

ffuf -u http://10.10.10.10/FUZZ -mw 22 -w raft-large-words.txt

Ignores responses that contain the word "template"

ffuf -u http://10.10.10.10/FUZZ -fr "template" -w raft-large-words.txt

Match with responses that contain the word "password"

ffuf -u http://10.10.10.10/FUZZ -mr "password" -w raft-large-words.txt

Input

Using a request file

ffuf -request login.req -request-proto http -w raft-large-words.txt

Output

Write output to fileFile formatsDirectoryLog

ffuf -u http://10.10.10.10/FUZZ -o ffuf.txt -w raft-large-words.txt

Save the output to a csv file

ffuf -u http://10.10.10.10/FUZZ -of csv -o ffuf.csv -w raft-large-words.txt
# Available formats: json, ejson, html, md, csv, ecsv

Store each request and response in the ffuf-output folder

ffuf -u http://10.10.10.10/FUZZ -od ffuf-output -w raft-large-words.txt

Write all of the internal logging to the debug.txt file

ffuf -u http://10.10.10.10/FUZZ -debug-log debug.txt -w raft-large-words.txt

References

• Official Github
• Kali Tools
• Haax CheatSheet
• Seclists