Hey Folks, today we are going to discuss the best and top leading tool for web penetration testing and it is also promoted by “Offensive Security”. FFUF has a channel at Porchetta Industries Discord server alongside of channels for many other tools. It is the fastest content discovery tool with the least configuration.
Let’s talk about this tool 🙂 !!
It is mandatory that the Go utility should be pre-configured in our system. You can install and set GOPATH environment variable on your system with the help of below commands.
apt install golang -y
export GOROOT=/usr/lib/go
export GOPATH=$HOME/go
export PATH=$PATH:$GOROOT/bin:$GOPATH/binNow we can download this tool through Go utility and can easily operate it anywhere by entering the name of this tool.
go get -u github.com/ffuf/ffuf
ffuf -hIt performs dictionary based attack against web application to identify sensitive files, so we need to place wordlist with website URL but make sure you describe “FUZZ” wherever you want to attack needed. Once execute the command we got some useful files and hidden location of the website.
Usage 🙂 !! ffuf -w { wordlist path } -u { URL }/FUZZ
./ffuf -w /usr/share/dirb/wordlists/common.txt -u "http://testphp.vulnweb.com/FUZZ"Simply we have to mention the response code in the command and then it will show the result only related to the given response code.
Usage 🙂 !! ffuf -w { wordlist path } -u { URL }/FUZZ -mc { Code }
./ffuf -w /usr/share/dirb/wordlists/common.txt -u "http://testphp.vulnweb.com/FUZZ" -mc 200Now to further improve your results you can add another query of specific extension to the command so that it can give you results accordingly. In our case we choose only files with extension “.php“.
Usage 🙂 !! ffuf -w { wordlist path } -u { URL }/FUZZ -mc { Code } -e { eextension }
ffuf -w /usr/share/dirb/wordlists/common.txt -u "http://testphp.vulnweb.com/FUZZ" -mc 200 -e .phpNow we can save all these results in any file format by simply adding “-o” syntax to our command.
ffuf -w /usr/share/dirb/wordlists/common.txt -u "http://testphp.vulnweb.com/FUZZ" -mc 200 -e .php -o new.txtHmm 🙂 !! As you can see the results are saved but as raw format which makes it quite difficult to view. Anyway if there are any other features left of this tool then you can tell us in the comment section.
A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.
Hey Folks :) !! In this article, we present the "Termux Cheat Sheet for Hackers"…
Amid the rapid advancement of technology, the significance of human involvement in cybersecurity frequently goes…
Hey Folks, we are back today after such a long break, but don't worry we…
The security of your API should be one of the top priorities of companies. Without…
Hey Folks, In today's business world, it is essential to have an online presence. However,…
Hey Folks, Is your business prepared in case of a cyber attack? Many companies don't…
This website uses cookies.