How to use FFUF with proxychains - kdaisho/Blog GitHub Wiki

FFUF

FFUF (Fuzz Faster U Fool) is a fast and flexible web fuzzing tool used for discovering hidden files, directories, and parameters on a website.

Usage example:

ffuf -u https://brailler.daishodesign.com:FUZZ -w /usr/share/wordlists/dirb/common.txt -x socks5://127.0.0.1:9050 -e .php,.txt,.html

You must end the URL with FUZZ when using FFUF. The FUZZ keyword is a placeholder that FFUF will replace with each entry from your wordlist during the brute-forcing process.

-u: Target URL

-w: Wordlist file path and (optional) keyword separated by colon. eg. '/path/to/wordlists:KEYWORD'

-x: (optional) Proxy URL (SOCKS5 or HTTP)

-e: (optional) Comma separated list of extensions

What happens if you don’t use -e?

FFUF will only test the exact words in your wordlist without adding extensions. Example without -e:

ffuf -u http://target.com/FUZZ -w wordlist.txt

http://target.com/admin
http://target.com/login
http://target.com/index

What happens if you use -e?

FFUF appends each extension to every word in your wordlist. Example with -e .php,.html,.txt:

ffuf -u http://target.com/FUZZ -w wordlist.txt -e .php,.html,.txt

http://target.com/admin
http://target.com/admin.php
http://target.com/admin.html
http://target.com/admin.txt
http://target.com/login
http://target.com/login.php
http://target.com/login.html
http://target.com/login.txt