Fuzzing w FFUF


Last updated 2 years ago

| Command | Description |
| --- | --- |
| `ffuf -h` | ffuf help |
| `ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/FUZZ` | Directory Fuzzing |
| `ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/indexFUZZ` | Extension Fuzzing |
| `ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/blog/FUZZ.php` | Page Fuzzing |
| `ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/FUZZ -recursion -recursion-depth 1 -e .php -v` | Recursive Fuzzing |
| `ffuf -w wordlist.txt:FUZZ -u https://FUZZ.hackthebox.eu/` | Sub-domain Fuzzing |
| `ffuf -w wordlist.txt:FUZZ -u http://targeturl.com:PORT/ -H 'Host: FUZZ.targeturl.com' -fs xxx` | VHost Fuzzing |
| `ffuf -w wordlist.txt:FUZZ -u http://admin.targeturl.com:PORT/admin/admin.php?FUZZ=key -fs xxx` | Parameter Fuzzing - GET |
| `ffuf -w wordlist.txt:FUZZ -u http://admin.targeturl.com:PORT/admin/admin.php -X POST -d 'FUZZ=key' -H 'Content-Type: application/x-www-form-urlencoded' -fs xxx` | Parameter Fuzzing - POST |
| `ffuf -w ids.txt:FUZZ -u http://admin.targeturl.com:PORT/admin/admin.php -X POST -d 'id=FUZZ' -H 'Content-Type: application/x-www-form-urlencoded' -fs xxx` | Value Fuzzing |

Wordlists

| Path | Description |
| --- | --- |
| `/opt/useful/SecLists/Discovery/Web-Content/directory-list-2.3-small.txt` | Directory/Page Wordlist |
| `/opt/useful/SecLists/Discovery/Web-Content/web-extensions.txt` | Extensions Wordlist |
| `/opt/useful/SecLists/Discovery/DNS/subdomains-top1million-5000.txt` | Domain Wordlist |
| `/opt/useful/SecLists/Discovery/Web-Content/burp-parameter-names.txt` | Parameters Wordlist |

Misc

| Command | Description |
| --- | --- |
| `sudo sh -c 'echo "SERVER_IP targeturl.com" >> /etc/hosts'` | Add DNS entry |
| `for i in $(seq 1 1000); do echo $i >> ids.txt; done` | Create Sequence Wordlist |
| `curl http://admin.targeturl.com:PORT/admin/admin.php -X POST -d 'id=key' -H 'Content-Type: application/x-www-form-urlencoded'` | curl w/ POST |