Bug Culture Wiki

Fuzzing with FFUF

Introduction

ffuf (Fuzz Faster U Fool) is a fast web fuzzer written in Go, used for discovering directories and files, virtual hosts, request parameters, and more. The FUZZ keyword marks the position in the URL, header, or body that is replaced by each wordlist entry.

Installation

sudo apt install ffuf  # Kali Linux
go install github.com/ffuf/ffuf/v2@latest  # Go installation

1. Directory and File Discovery

Basic Directory Bruteforce

ffuf -u https://target.com/FUZZ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt

File Extensions (PHP, TXT, etc.)

ffuf -u https://target.com/FUZZ -w common.txt -e .php,.txt,.bak

Ignoring 403 Forbidden Responses

ffuf -u https://target.com/FUZZ -w directories.txt -mc 200,301,302   # keep only these codes; -fc 403 would instead drop just the 403s

2. Virtual Host (VHost) Discovery

Enumerating VHosts via the Host Header

ffuf -u https://target.com -H "Host: FUZZ.target.com" -w subdomains.txt   # FUZZ only in the Host header, so names without DNS records are still tested

Wildcard Filtering (Ignore Wildcard Responses)

ffuf -u https://target.com -H "Host: FUZZ.target.com" -w subdomains.txt -fr "<title>Default Page</title>"   # -fr filters on a regex; -fs takes a size in bytes. -ac auto-calibrates filters from the wildcard response instead

3. Parameter Discovery in GET Requests

Fuzzing Query Parameters

ffuf -u "https://target.com/page.php?FUZZ=test" -w param_list.txt

Fuzzing Parameter Values

ffuf -u "https://target.com/page.php?param=FUZZ" -w values.txt

4. Fuzzing POST Requests

Discover Hidden Parameters

ffuf -u "https://target.com/login" -w params.txt -X POST -d "FUZZ=admin&password=pass" -H "Content-Type: application/x-www-form-urlencoded"

Testing for Parameter Pollution

ffuf -u "https://target.com/page.php?param=FUZZ&param=FUZZ" -w values.txt

5. Advanced Techniques

Fuzzing Multiple Positions

ffuf -u "https://target.com/DIR/index.EXT" -w words.txt:DIR -w extensions.txt:EXT   # each wordlist gets its own keyword; the default -mode clusterbomb tries every combination, -mode pitchfork pairs entries line by line

Using Rate Limiting

ffuf -u https://target.com/FUZZ -w wordlist.txt -p 0.2   # 0.2 s pause between requests; -rate N caps requests per second, -t sets the thread count (default 40)

Recursive Fuzzing

ffuf -u https://target.com/FUZZ -w wordlist.txt -recursion -recursion-depth 2

6. Filtering and Matching

Filter Responses by Status Code

ffuf -u https://target.com/FUZZ -w wordlist.txt -mc 200,301,403   # -mc keeps (matches) these codes; -fc 404 would drop (filter) instead

Filter by Response Size

ffuf -u https://target.com/FUZZ -w wordlist.txt -fs 1234   # drop every response of exactly 1234 bytes (e.g. the error page); -fw and -fl do the same for word and line counts

Match Specific Words in Response

ffuf -u https://target.com/FUZZ -w wordlist.txt -mr "Admin Panel"   # -mr keeps responses whose body matches the regex

7. Saving Results

Output as JSON

ffuf -u https://target.com/FUZZ -w wordlist.txt -o results.json -of json   # -of also accepts csv, ecsv, html, md and all

Output as CSV

ffuf -u https://target.com/FUZZ -w wordlist.txt -o results.csv -of csv

8. Combining FFUF with Other Tools

Using FFUF with Burp Suite

ffuf -u https://target.com/FUZZ -w wordlist.txt -replay-proxy http://127.0.0.1:8080   # only matched requests are re-sent through Burp's listener for manual review

Piping FFUF Results into Other Commands

ffuf -u https://target.com/FUZZ -w wordlist.txt -s | tee output.txt   # -s (silent) prints only the hits, which is what you want when piping
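The wildcard filtering of section 2 and the JSON output of section 7 combined in one script, added here as an example (not ffuf's own code): it reads an ffuf JSON report, finds the catch-all response by its repeated status/size/word/line signature, drops it, and prints the filter flags for a re-run. The report is a constructed sample; the field names follow ffuf's JSON format, and -fmode is assumed to be ffuf v2 behaviour.

```python
"""Post-process ffuf JSON output (-o results.json -of json) to find and drop
wildcard responses offline, the same idea as ffuf's -fs/-ac flags. Added
example, not ffuf's own code; the sample document below is constructed."""
import json
from collections import Counter

# Constructed sample: a vhost run where a catch-all default page answers most names.
SAMPLE_JSON = json.dumps({
    "results": [
        {"input": {"FUZZ": "dev"},   "status": 200, "length": 5120, "words": 300, "lines": 90},
        {"input": {"FUZZ": "mail"},  "status": 200, "length": 5120, "words": 300, "lines": 90},
        {"input": {"FUZZ": "stage"}, "status": 200, "length": 5120, "words": 300, "lines": 90},
        {"input": {"FUZZ": "admin"}, "status": 200, "length": 1337, "words": 100, "lines": 40},
        {"input": {"FUZZ": "api"},   "status": 401, "length": 5120, "words": 300, "lines": 90},
    ],
})

def load_results(text):
    """Return the list of hit dictionaries from an ffuf JSON document."""
    return json.loads(text)["results"]

def signature(hit):
    """The tuple ffuf's -fc/-fs/-fw/-fl filters key on."""
    return (hit["status"], hit["length"], hit["words"], hit["lines"])

def wildcard_signature(results):
    """Most common signature, or None when nothing repeats (no wildcard)."""
    if not results:
        return None
    sig, count = Counter(signature(r) for r in results).most_common(1)[0]
    return sig if count > 1 else None

def drop_wildcard(results):
    """Keep hits that differ from the wildcard in at least one property; this
    keeps 'api' (401 but with the wildcard's size), which -fs alone would hide."""
    sig = wildcard_signature(results)
    return [r for r in results if signature(r) != sig]

def suggested_filter(results):
    """Flags for a re-run. ffuf ORs its filters by default, so -fs 5120 on its
    own also drops the 401; ffuf v2's '-fmode and' requires every property."""
    sig = wildcard_signature(results)
    if sig is None:
        return ""
    status, length, words, lines = sig
    return f"-fmode and -fc {status} -fs {length} -fw {words} -fl {lines}"

if __name__ == "__main__":
    hits = [r["input"]["FUZZ"] for r in drop_wildcard(load_results(SAMPLE_JSON))]
    print(hits, "re-run with:", suggested_filter(load_results(SAMPLE_JSON)))
```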