FUFF | KCN

Web Paths

fuff -w /usr/share/wordlists/seclists/Discovery/Web-Content/big.txt:FUZZ -u http://[TARGET_DOMAIN]/FUZZ
Web Path FUZZ.

Virtual Host Fuzz

ffuf -w /usr/share/wordlists/seclists/Discovery/DNS/namelist.txt -H "Host: FUZZ.[TARGET_DOMAIN]" -u http://[TARGET_DOMAIN] -fs 2395
Virtual Host FUZZ.

User Enumeration

ffuf -w /usr/share/wordlists/seclists/Usernames/Names/names.txt -X POST -d "username=FUZZ&email=x&password=x&cpassword=x" -H "Content-Type: application/x-www-form-urlencoded" -u http://[TARGET_DOMAIN]/signup -mr "username already exists"
User Enumeration.

FUFF HTTP POST Form Brute Force

ffuf -w myUsersFile.txt:W1,/usr/share/wordlists/rockyou.txt:W2 -X POST -d "username=W1&password=W2" -H "Content-Type: application/x-www-form-urlencoded" -u http://[TARGET_IP]/login -fc 200
Brute Force HTTP POST form with valid username.

Flags

-fs
Size to filter (do not show response with this size).
-mr
Text on the page we are looking for to validate.

-w
Wordlist location.
-u
Specifies the URL.
-d
Data (fields) that we send.
-H
Add additional headers to the request.

Web Paths#

Virtual Host Fuzz#

User Enumeration#

FUFF HTTP POST Form Brute Force#

Flags#

Web Paths

Virtual Host Fuzz

User Enumeration

FUFF HTTP POST Form Brute Force

Flags