## Description

ffuf (Fuzz Faster U Fool) is versatile enough to be used as both a content discovery tool and a general-purpose web fuzzer. Beyond directory and file discovery, it excels at parameter value fuzzing, authentication brute forcing, and input testing.
## Installation

```bash
go install github.com/ffuf/ffuf/v2@latest
```
## Basic Usage

```bash
# Parameter value fuzzing: the FUZZ keyword is replaced by each wordlist entry
ffuf -u "https://target.com/?param=FUZZ" -w payloads.txt

# POST body fuzzing: FUZZ can sit anywhere in the request, including the body
ffuf -u https://target.com/login -X POST -d "user=admin&pass=FUZZ" -w passwords.txt
```
## Advanced Usage

```bash
# Header fuzzing
ffuf -u https://target.com -H "X-Custom: FUZZ" -w wordlist.txt

# Multiple positions (clusterbomb mode): every entry of FUZZ1 is tried against every entry of FUZZ2
ffuf -u https://target.com/login -X POST -d "user=FUZZ1&pass=FUZZ2" -w users.txt:FUZZ1 -w pass.txt:FUZZ2 -mode clusterbomb

# Filters for identifying interesting responses:
# -mc all keeps every status code, -fr drops responses whose body matches the regex
ffuf -u "https://target.com/?q=FUZZ" -w payloads.txt -fr "not found" -mc all

# Rate-limited fuzzing: -rate caps requests per second, -t caps concurrent threads
ffuf -u "https://target.com/?q=FUZZ" -w payloads.txt -rate 50 -t 10
```
## Common Workflows

```bash
# Fuzz for IDOR: read the wordlist from stdin (-w -), keep only 200s,
# and auto-calibrate (-ac) to filter out the baseline "not found" response
seq 1 1000 | ffuf -u "https://target.com/api/user/FUZZ" -w - -mc 200 -ac

# Auth bypass testing
ffuf -u https://target.com/admin -H "X-Forwarded-For: FUZZ" -w bypass-headers.txt -mc 200
```
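The commands above leave a characteristic footprint in web server access logs: one client sending many requests to the same path with many distinct values for one parameter, sequential or near-sequential paths, a high share of 4xx responses, and (unless the operator overrides it with `-H`) ffuf's default User-Agent, which starts with its expanded name "Fuzz Faster U Fool". The script below is an added example for the defending side, not code from this page or from the ffuf project: it parses combined-format access log lines, groups them by client IP, and reports which of those patterns each client exhibits. The log lines are constructed inline for the demonstration, and the thresholds (`min_requests`, `min_distinct`, `error_ratio`) are arbitrary starting points that should be tuned to the site's normal traffic.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Combined log format (Apache/nginx default):
# ip ident user [timestamp] "METHOD target PROTO" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# ffuf's default User-Agent begins with the tool's expanded name.
FFUF_UA_PREFIX = "Fuzz Faster U Fool"


def parse_line(line):
    """Return a dict of fields for one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    rec["query"] = parse_qsl(parts.query, keep_blank_values=True)
    return rec


def analyze(lines, min_requests=30, min_distinct=20, error_ratio=0.8):
    """Group requests by client IP; return {ip: [reason, ...]} for clients that look like fuzzing."""
    per_ip = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec:
            per_ip[rec["ip"]].append(rec)

    findings = {}
    for ip, recs in per_ip.items():
        reasons = []
        # 1. Tool fingerprint: the default User-Agent is trivially changed, but often is not.
        if any(r["ua"].startswith(FFUF_UA_PREFIX) for r in recs):
            reasons.append("default ffuf User-Agent")
        # 2. Parameter value fuzzing: one path, one parameter name, many distinct values.
        values = defaultdict(set)
        for r in recs:
            for name, value in r["query"]:
                values[(r["path"], name)].add(value)
        for (path, name), vals in values.items():
            if len(vals) >= min_distinct:
                reasons.append(f"{len(vals)} distinct values for parameter {name!r} on {path}")
        # 3. Path enumeration (e.g. sequential object IDs): many distinct paths from one client.
        paths = {r["path"] for r in recs}
        if len(paths) >= min_distinct:
            reasons.append(f"{len(paths)} distinct paths requested")
        # 4. Error burst: guessing that mostly misses produces a high share of 4xx responses.
        if len(recs) >= min_requests:
            errors = sum(1 for r in recs if 400 <= r["status"] < 500)
            if errors / len(recs) >= error_ratio:
                reasons.append(f"{errors}/{len(recs)} requests returned 4xx")
        if reasons:
            findings[ip] = reasons
    return findings


def sample_log():
    """Constructed log lines (not real traffic): a parameter fuzzer, an ID enumerator, a normal user."""
    ts = "10/Oct/2023:13:55:36 +0000"
    lines = []
    # 203.0.113.7: parameter value fuzzing with ffuf's default User-Agent, every response 200.
    for i in range(40):
        lines.append(f'203.0.113.7 - - [{ts}] "GET /search?q=payload{i} HTTP/1.1" 200 512 "-" "{FFUF_UA_PREFIX} v2.0.0"')
    # 198.51.100.23: sequential ID enumeration behind a browser-like User-Agent, mostly 404.
    for i in range(50):
        status = 200 if i % 10 == 0 else 404
        lines.append(f'198.51.100.23 - - [{ts}] "GET /api/user/{i} HTTP/1.1" {status} 128 "-" "Mozilla/5.0"')
    # 192.0.2.5: ordinary browsing, should not be flagged.
    for path in ("/", "/about", "/contact"):
        lines.append(f'192.0.2.5 - - [{ts}] "GET {path} HTTP/1.1" 200 2048 "https://example.test/" "Mozilla/5.0"')
    return lines


if __name__ == "__main__":
    for ip, reasons in analyze(sample_log()).items():
        print(ip, "->", "; ".join(reasons))
```

Running the script flags 203.0.113.7 for the default User-Agent and for 40 distinct `q` values on `/search`, and 198.51.100.23 for 50 distinct paths and a 45/50 share of 4xx responses, while the browsing client stays silent. The User-Agent check is the weakest signal, since an operator can set any header with `-H`; the per-parameter and per-path cardinality checks survive that, and in production they should be evaluated over a sliding time window rather than over the whole file.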