Skip to main content

Web Fuzzing

Introduction to FFUF

ffuf logo

FFUF (Fuzz Faster U Fool) is a fast web fuzzer written in Go that is used to discover hidden resources and vulnerabilities in web applications. It is highly configurable and supports a wide range of fuzzing techniques, making it a powerful tool for penetration testers and security researchers.

warning

Do not use FFUF on this website, or any other website without permissions.

Key Features

  • High Performance: FFUF is designed to be fast, using Go's concurrency model to maximize performance and speed up the fuzzing process.

  • Customizable Payloads: Supports custom payloads for directory and file enumeration, parameter fuzzing, and other types of web application testing.

  • Flexible Output Options: Provides various output formats, including JSON and simple text, to integrate with other tools and processes.

  • Extensible: Offers a range of options for customizing requests, including user-agent headers, cookies, and HTTP methods.

Installing FFUF

FFUF can be installed on different ways:

info

Pre-installed with Kali Linux.

Using Go

If you have Go installed, you can install FFUF using the following command:

go install github.com/ffuf/ffuf@latest

Binary Releases

You can also download precompiled binaries from the FFUF GitHub releases page.

Basic Usage

You can download the sample wordlists from ffuf website:

wget http://ffuf.me/wordlist/common.txt
wget http://ffuf.me/wordlist/parameters.txt
wget http://ffuf.me/wordlist/subdomains.txt

To perform a basic directory fuzzing scan, use the following command:

ffuf -u http://testphp.vulnweb.com/FUZZ -w common.txt
  • -u specifies the URL to fuzz, with FUZZ being the placeholder for where the payloads will be inserted.
  • -w specifies the path to the wordlist file containing the payloads.

Advanced Usage

Fuzzing Multiple Parameters

To fuzz multiple parameters simultaneously:

ffuf -u http://example.com/page?param1=FUZZ1&param2=FUZZ2 -w /path/to/wordlist1.txt -w /path/to/wordlist2.txt

Using Custom Headers

To include custom headers in your requests:

ffuf -u http://example.com/FUZZ -w /path/to/wordlist.txt -H "Authorization: Bearer YOUR_TOKEN"

Filtering Results

To filter results based on status codes:

ffuf -u http://example.com/FUZZ -w /path/to/wordlist.txt -fc 404
  • -fc specifies status codes to filter out from the results.

External Resources

FFUF is a versatile and efficient tool for web application security testing, offering powerful features for discovering hidden vulnerabilities and resources. Whether you're a security researcher or a penetration tester, FFUF can enhance your fuzzing capabilities and streamline your workflow.