🛠️ Tools

ffuf

ffuf is a fast web fuzzer written in Go. It is a powerful tool for brute-forcing files and directories on a web server.

Key Features

  • Fast: ffuf is very fast and can send a large number of requests in a short amount of time.
  • Flexible: ffuf can be used to fuzz a wide variety of parameters, including URLs, headers, and POST data.
  • Recursive: ffuf can be used to recursively scan a web server for hidden files and directories.

Basic Usage

```bash
ffuf -w /path/to/wordlist.txt -u http://www.example.com/FUZZ
```

Common Options

  • -w: Specify a wordlist to use.
  • -u: Specify the URL to fuzz.
  • -X: Specify the HTTP method to use.
  • -H: Specify a header to use.
  • -d: Specify the data to use for a POST request.

ffuf is a powerful and versatile tool that is an essential part of any penetration tester's toolkit.
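
What the directory brute-force shown under Basic Usage looks like from the server side, as an added example that is not part of the original page or the ffuf project: a detector over web access logs that flags clients requesting many distinct paths in a short window with mostly 404 responses, plus ffuf's default `Fuzz Faster U Fool` User-Agent. The log format, thresholds, function names and sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Combined Log Format (assumed): ip - - [time] "METHOD path proto" status size "referer" "agent"
LINE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" '
                  r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
WINDOW = timedelta(seconds=10)  # assumed thresholds; tune to the site's normal traffic
MIN_PATHS, MIN_404_RATIO = 20, 0.8

def detect_bruteforce(lines):
    """Return {ip: reason} for clients whose requests look like wordlist fuzzing."""
    recent = defaultdict(deque)  # ip -> (time, path, status) tuples still inside WINDOW
    flagged = {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # ignore malformed lines instead of aborting the scan
        ip, ts = m["ip"], datetime.strptime(m["ts"], TS_FMT)
        # Weak signal: the default agent string is trivially replaced with -H.
        if "fuzz faster u fool" in m["ua"].lower():
            flagged.setdefault(ip, "ffuf default User-Agent")
        q = recent[ip]
        q.append((ts, m["path"], m["status"]))
        while ts - q[0][0] > WINDOW:
            q.popleft()
        # Strong signal: many distinct paths in the window, nearly all missing.
        paths = {p for _, p, _ in q}
        misses = sum(1 for _, _, s in q if s == "404")
        if len(paths) >= MIN_PATHS and misses / len(q) >= MIN_404_RATIO:
            flagged.setdefault(ip, "burst of distinct paths, mostly 404")
    return flagged

def sample_log():
    """Constructed lines: a fuzzer with a browser agent, a visitor, a default-agent ffuf."""
    t0 = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    def row(ip, secs, path, status, ua):
        ts = (t0 + timedelta(seconds=secs)).strftime(TS_FMT)
        return f'{ip} - - [{ts}] "GET {path} HTTP/1.1" {status} 512 "-" "{ua}"'
    rows = [row("203.0.113.7", i // 10, f"/word{i}", 200 if i % 10 == 0 else 404, "Mozilla/5.0")
            for i in range(40)]
    rows += [row("198.51.100.4", 5 * i, p, 404 if p == "/missing" else 200, "Mozilla/5.0")
             for i, p in enumerate(["/", "/about", "/missing", "/contact"])]
    rows.append(row("192.0.2.9", 1, "/admin", 404, "Fuzz Faster U Fool v0.0.0"))  # placeholder version
    return rows

if __name__ == "__main__":
    print(detect_bruteforce(sample_log()))
```

The rate-and-404 rule catches the first client even though it sends a browser User-Agent, which is why the agent-string match should only ever be a secondary signal.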