Navigate

ffuf Command Examples in Linux

FFUF (Fuzz Faster U Fool) is a command-line tool that is used for subdomain and directory discovery during web application security testing. The tool is designed to perform brute-force attacks on web servers in order to discover subdomains and directories that may be hidden or not easily discoverable through other means. It does this by sending a large number of requests to a target server, each with a different word or phrase that it is attempting to match to a subdomain or directory.

FFUF can be used in a variety of different ways, depending on the specific needs of the security tester. For example, it can be used to discover subdomains on a target server by sending requests to the server with a list of known subdomains and attempting to match them to actual subdomains on the server. Additionally, it can be used to discover directories on a target server by sending requests to the server with a list of common directory names and attempting to match them to actual directories on the server.

One of the key features of FFUF is its high performance and flexibility. The tool is designed to be fast and efficient, and it can be customized to suit the specific needs of the security tester. Additionally, FFUF has a variety of options and parameters that can be adjusted to fine-tune its behavior and make it more effective in different scenarios.

ffuf Command Examples

1. Discover directories using a [w]ordlist on a target [u]rl with [c]olorized and [v]erbose output:

# ffuf -w path/to/wordlist -u https://target/FUZZ -c -v

2. Fuzz host-[H]eaders with a host file on a target website and [m]atch HTTP 200 [c]ode responses:

# ffuf -w hosts.txt -u https://example.org -H "Host:FUZZ" -mc 200

3. Discover directories using a [w]ordlist on a target website with a max individual job time of 60 seconds and recursion discovery depth of 2 levels:

# ffuf -w path/to/wordlist -u https://target/FUZZ -maxtime-job 60 -recursion -recursion-depth 2

4. Fuzz GET parameter on a target website and [f]ilter out message [s]ize response of 4242 bytes:

# ffuf -w path/to/param_names.txt -u https://target/script.php?FUZZ=test_value -fs 4242

5. Fuzz POST method with POST [d]ata of password on a target website and [f]ilter out HTTP response [c]ode 401:

# ffuf -w path/to/postdata.txt -X POST -d "username=admin\&password=FUZZ" -u https://target/login.php -fc 401

6. Discover subdomains using a subdomain list on a target website:

# ffuf -w subdomains.txt -u https://website.com -H "Host: FUZZ.website.com"
Related Post
  1. mk Command Examples

    mk is a task runner tool commonly used for controlling the compilation process of executables…

  2. mixxx Command Examples

    Mixxx is a free and open-source DJ software designed for DJs of all skill levels.…

  3. mix Command Examples

    Mix is a versatile build tool designed specifically for Elixir projects. It offers a wide…

  4. mitmproxy Command Examples

    mitmproxy is an interactive HTTP proxy tool that operates as a man-in-the-middle (MITM) between a…

  5. mitmdump Command Examples

    mitmdump is a command-line tool that is part of the mitmproxy suite, which is designed…