[80 443] HTTP HTTPS

[80/443] HTTP/HTTPS

Attacking Web Applications with Ffuf

Common Wordlist Directory

/usr/share/seclists/Discovery/Web-Content/directory-list-2.3-medium.txt
/usr/share/seclists/Discovery/Web-Content/raft-medium-directories.txt

Common Wordlist Extension

/usr/share/seclists/Discovery/Web-Content/web-extensions.txt
/usr/share/seclists/Discovery/Web-Content/raft-medium-extensions-lowercase.txt

Common DNS Wordlist

/usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt

Parameter Wordlist

/usr/share/seclists/Discovery/Web-Content/burp-parameter-names.txt

ffuf -h

ffuf help

ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/FUZZ

Directory Fuzzing

ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/indexFUZZ

Extension Fuzzing

ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/blog/FUZZ.php

Page Fuzzing

ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/FUZZ -recursion -recursion-depth 1 -e .php -v

Recursive Fuzzing

ffuf -w wordlist.txt:FUZZ -u https://FUZZ.hackthebox.eu/

Sub-domain Fuzzing

ffuf -w wordlist.txt:FUZZ -u http://academy.htb:PORT/ -H 'Host: FUZZ.academy.htb' -fs xxx

VHost Fuzzing

ffuf -w wordlist.txt:FUZZ -u http://admin.academy.htb:PORT/admin/admin.php?FUZZ=key -fs xxx

Parameter Fuzzing - GET

ffuf -w wordlist.txt:FUZZ -u http://admin.academy.htb:PORT/admin/admin.php -X POST -d 'FUZZ=key' -H 'Content-Type: application/x-www-form-urlencoded' -fs xxx

Parameter Fuzzing - POST

ffuf -w ids.txt:FUZZ -u http://admin.academy.htb:PORT/admin/admin.php -X POST -d 'id=FUZZ' -H 'Content-Type: application/x-www-form-urlencoded' -fs xxx

Value Fuzzing

ffuf -c -w <(seq 1 1337) -u https://example.com/api/users/FUZZ

Previous[53] DNS Enumeration Next[110,143,993,995] IMAP/POP3 Enumeration