• We just launched and are currently in beta. Join us as we build and grow the community.

FFUF – A Fastest Web Content Discovery Tool

sparrowmex3

Cyber Risk Analyst
S
S Rep
0
0
0
Rep
0
S Vouches
0
0
0
Vouches
0
Posts
130
Likes
129
Bits
0
2 MONTHS
2 2 MONTHS OF SERVICE
LEVEL 1 400 XP
Red-and-Black-Diagonal-Blocks-Elevator-Pitch-Deck-Presentation.webp


Hey Folks, today we are going to discuss the best and top leading tool for web penetration testing and it is also promoted by “Offensive Security”. FFUF has a channel at Porchetta Industries Discord server alongside of channels for many other tools. It is the fastest content discovery tool with the least configuration.

Let’s talk about this tool 🙂 !!

Install Golang

It is mandatory that the Go utility should be pre-configured in our system. You can install and set GOPATH environment variable on your system with the help of below commands.

apt install golang -y
export GOROOT=/usr/lib/go
export GOPATH=$HOME/go
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin1234apt install golang-yexport GOROOT=/usr/lib/goexport GOPATH=$HOME/goexport PATH=$PATH:$GOROOT/bin:$GOPATH/bin

1.png

Install FFUF Tool

Now we can download this tool through Go utility and can easily operate it anywhere by entering the name of this tool.

go get -u github.com/ffuf/ffuf
ffuf -h12go get-ugithub.com/ffuf/ffufffuf-h

2.png

Content Discovery

It performs dictionary based attack against web application to identify sensitive files, so we need to place wordlist with website URL but make sure you describe “FUZZ” wherever you want to attack needed. Once execute the command we got some useful files and hidden location of the website.

Usage 🙂 !! ffuf -w { wordlist path } -u { URL }/FUZZ

./ffuf -w /usr/share/dirb/wordlists/common.txt -u "http://testphp.vulnweb.com/FUZZ"1./ffuf-w/usr/share/dirb/wordlists/common.txt-u"http://testphp.vulnweb.com/FUZZ"

3.png

Specific Response Code

Simply we have to mention the response code in the command and then it will show the result only related to the given response code.

Usage 🙂 !! ffuf -w { wordlist path } -u { URL }/FUZZ -mc { Code }

./ffuf -w /usr/share/dirb/wordlists/common.txt -u "http://testphp.vulnweb.com/FUZZ" -mc 2001./ffuf-w/usr/share/dirb/wordlists/common.txt-u"http://testphp.vulnweb.com/FUZZ"-mc200

4.png

Extensions

Now to further improve your results you can add another query of specific extension to the command so that it can give you results accordingly. In our case we choose only files with extension “.php“.

Usage 🙂 !! ffuf -w { wordlist path } -u { URL }/FUZZ -mc { Code } -e { eextension }

ffuf -w /usr/share/dirb/wordlists/common.txt -u "http://testphp.vulnweb.com/FUZZ" -mc 200 -e .php1ffuf-w/usr/share/dirb/wordlists/common.txt-u"http://testphp.vulnweb.com/FUZZ"-mc200-e.php

5.png

Save Output

Now we can save all these results in any file format by simply adding “-o” syntax to our command.

ffuf -w /usr/share/dirb/wordlists/common.txt -u "http://testphp.vulnweb.com/FUZZ" -mc 200 -e .php -o new.txt1ffuf-w/usr/share/dirb/wordlists/common.txt-u"http://testphp.vulnweb.com/FUZZ"-mc200-e.php-onew.txt

6.png


Hmm 🙂 !! As you can see the results are saved but as raw format which makes it quite difficult to view. Anyway if there are any other features left of this tool then you can tell us in the comment section.

7.png
About the AuthorShubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.
 
You must log in or register to reply here.

435,057

313,705

313,714

F Fjdjfjdjffj
Top