Greetings everyone! Hope all is going well. In this blog we will explore how to use the content discovery phase while doing a vulnerability assessment against your target web application. We will look at one of the best tools for this, ffuf, a fast web fuzzer.
- What is ffuf?
- Installation of ffuf
- Example usage of ffuf
- Advantages of ffuf
What is ffuf?
As you may know, there are some great tools such as dirsearch, dirb, gobuster, and wfuzz, which come by default with Kali or some other Linux distributions. ffuf, whose name stands for "Fuzz Faster you Fool", is an open source web fuzzing tool that discovers elements and content within web applications or web servers quickly. ffuf has several functions, such as directory fuzzing, vhost discovery, and fuzzing of GET and POST parameters.
Installation of ffuf
ffuf is developed in Go, so before installing it you need to set up a Go environment.
To install ffuf:
- git clone https://github.com/ffuf/ffuf
- cd ffuf
- go get
- go build
go build compiles the ffuf binary. For the full installation guide, see the official repository: https://github.com/ffuf/ffuf
Example usage of ffuf
First, let's check whether ffuf is installed successfully.
Command: ffuf -h
As in the picture above, we used -h to show ffuf's usage and the different flags we will use while testing.
- -u: the target URL
- -c: add color to output
- -r: follow redirects
- -timeout: HTTP request timeout in seconds (default 10)
- -x: send through a proxy
Now let's discover the content and directories present on our target domain. They can be discovered with the following command:
ffuf -w wordlist.txt -u http://target.com/FUZZ
Here -w supplies our wordlist and -u the target URL. Make sure the endpoint to fuzz is marked with the FUZZ keyword, as in
Example.com/FUZZ. As in the picture above, we got some of the directory structure, with response codes such as 301, 403, and 200.
Now suppose we only need the directories whose response code is 200, we want to skip the other responses, and we need specific extension types. Here we will use the command:
ffuf -w wordlist.txt -u http://yourdomain.txt/FUZZ -e .php,.html -mc 200
As the output above shows, we get only the specified response code with the specified file extensions.
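From the defender's side, a wordlist scan like the one above leaves a recognizable pattern in the web server's access log: one client requesting many distinct paths, most of them answered with 404 or 403. The following is an added example, not part of the original post; the Combined Log Format, the thresholds, and all sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Combined Log Format: ip - - [time] "METHOD path HTTP/x" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)
# ffuf's default User-Agent starts with this string; a client can override it with -H,
# so the path/miss-ratio heuristic below is the more robust signal.
FFUF_DEFAULT_UA = "Fuzz Faster U Fool"

def detect_content_discovery(lines, min_paths=5, min_miss_ratio=0.6):
    """Return {ip: reason} for clients whose requests look like wordlist fuzzing."""
    paths, misses, total, ua_hit = defaultdict(set), defaultdict(int), defaultdict(int), set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in Combined Log Format
        ip = m["ip"]
        total[ip] += 1
        paths[ip].add(m["path"].split("?")[0])
        if m["status"] in ("403", "404"):
            misses[ip] += 1
        if FFUF_DEFAULT_UA in m["ua"]:
            ua_hit.add(ip)
    flagged = {}
    for ip in total:
        if ip in ua_hit:
            flagged[ip] = "default ffuf User-Agent"
        elif len(paths[ip]) >= min_paths and misses[ip] / total[ip] >= min_miss_ratio:
            flagged[ip] = f"{len(paths[ip])} distinct paths, {misses[ip]}/{total[ip]} missing or forbidden"
    return flagged

def make_line(ip, path, status, ua):
    # Builds one constructed log line (documentation-range IPs, fixed timestamp and size).
    return f'{ip} - - [10/Oct/2023:13:55:36 +0000] "GET {path} HTTP/1.1" {status} 512 "-" "{ua}"'

SAMPLE_LOG = (
    [make_line("198.51.100.7", f"/{w}", s, "Fuzz Faster U Fool v2.1.0")
     for w, s in [("admin", 403), ("backup", 404), ("login.php", 200)]]
    + [make_line("198.51.100.9", f"/{w}", 404, "Mozilla/5.0") for w in ("old", "test", "dev", "tmp", "bak")]
    + [make_line("198.51.100.9", "/index.php", 200, "Mozilla/5.0")]
    + [make_line("203.0.113.5", p, 200, "Mozilla/5.0") for p in ("/", "/index.php", "/search.php?test=1")]
)

if __name__ == "__main__":
    for ip, reason in detect_content_discovery(SAMPLE_LOG).items():
        print(ip, "->", reason)
```

In production the same counters would be kept per time window, so that a long-lived client with a few broken links is not flagged.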
Now let's fuzz a specific parameter field using ffuf. Here we will use the command:
ffuf -w param.txt -u http://testphp.vulnweb.com/search.php?test=FUZZ -fs 4242
Here we supplied a parameter list to fuzz against a specific field. This also assumes a response size of 4242 bytes for an invalid GET parameter name.
ffuf can also help us look up virtual hosts (vhosts) on our target. We will use the command:
ffuf -w host.txt -u https://target -H "Host: FUZZ" -fs 4242
Assuming the default virtual host response size is 4242 bytes, we can filter out all responses of that size (-fs 4242) while fuzzing the Host header.
This article is for educational purposes only. If you are doing penetration testing, this tool helps in your recon process, which can also make it possible to manipulate confidential backend data.
Advantages of ffuf
- It is a fast web fuzzer that lets us fuzz hosts, parameters, endpoints, and directories.
- We can specify different flags to suit our testing phase.
- ffuf is easy to use and open source.
Conclusion: In this blog we discussed how to use the ffuf tool and went through some examples of how to use it in your testing phase. Hope you learned something new! Cheers!
Thanks for reading. See you in another blog!
Author : Pallab Jyoti Borah | VAPT Analyst