ffuf

https://github.com/ffuf/ffuf

ffuf is a fast web fuzzer written in Go that allows typical directory discovery, virtual host discovery (without DNS records) and GET and POST parameter fuzzing.

Basic scan

ffuf -u http://$IP/FUZZ -w /usr/share/dirbuster/wordlists/directory-list-lowercase-2.3-medium.txt

ffuf -u http://$IP/FUZZ -w /usr/share/dirbuster/wordlists/directory-list-lowercase-2.3-medium.txt -s

Subdomains

ffuf -u http://$IP -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt -H 'Host: FUZZ.fqdn'
PreviousferoxbusterNextcrackmapexec

Last updated