WFuzz

  • Official description: "Wfuzz provides a framework to automate web applications security assessments and could help you to secure your web applications by finding and exploiting web application vulnerabilities."

  • It is preinstalled on kali. Check it out on github here

  • Here is the documentation

Subdomain enumeration

  • wfuzz -c -f sub-fighter -w /usr/share/wordlists/SecLists/Discovery/DNS/subdomains-top1million-5000.txt -u 'http://lazyadmin.thm/' -H "HOST: FUZZ.lazyadmin.thm" --hw 968

    • hw will filter the response that contains the number of words specified. Very convenient for notfound pages that give 200 code.

    • hc 302 will remove all 302 responses from the output

Directory busting

  • wfuzz -c -w /usr/share/wordlists/SecLists/Discovery/Web-Content/directory-list-2.3-small.txt http://target.com/FUZZ

API Fuzz

  • Check out this article here to see how to use it on API

Last updated