wfuzz usage:

Directory Brute Force
Directory brute force excluding any page returning a 404 error code

wfuzz -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt  --hc 404

Parameter Brute Force
If we want to test for parameters as shown below, then use the wordlist

Next we use the word FUZZ to tell wfuzz where to add our payload.

wfuzz -c -w /usr/share/wordlists/SecLists/Discovery/Web-Content/burp-parameter-names.txt

This outputs a huge wealth of 200 messages that we notice are all 19 characters long.

We can therefore filter out all of these 19-character responses by using the "--hh" option with a value, "--hh=19" in this case.

wfuzz -c -w /usr/share/wordlists/SecLists/Discovery/Web-Content/burp-parameter-names.txt --hh=19

We now only have 1 result as expected.

Another way would be to hide all responses that return an HTTP 200 status code. We do this with "--hc=200" and we get the same result.
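Seen from the server, both scans above leave the same signals in the access log that wfuzz filters on: one client collecting 404s across many paths, and one client trying many parameter names that all get an identical status and size. The sketch below is an added example, not part of the original post; the log lines are constructed, the thresholds are assumed values, and the log's byte count stands in for wfuzz's character count.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# client IP, request target, status code, response size (common log format)
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "\S+ (\S+) [^"]*" (\d{3}) (\d+|-)')

def build_sample_log():
    """Constructed access-log lines; every IP, path and size here is made up."""
    ts = "[01/Jan/2024:10:00:00 +0000]"
    lines = [f'203.0.113.7 - - {ts} "GET /{w} HTTP/1.1" 404 153'
             for w in ("admin", "backup", "cgi-bin", "old", "test", "tmp")]
    lines += [f'203.0.113.9 - - {ts} "GET /index.php?{p}=1 HTTP/1.1" 200 19'
              for p in ("id", "user", "page", "debug", "file", "cmd")]
    # An ordinary visitor: one real parameter, one broken link.
    lines.append(f'198.51.100.4 - - {ts} "GET /index.php?page=2 HTTP/1.1" 200 5120')
    lines.append(f'198.51.100.4 - - {ts} "GET /missing.png HTTP/1.1" 404 153')
    return lines

def detect(lines, min_404_paths=5, min_param_names=5):
    """Return {client_ip: [reasons]}; both thresholds are assumed values."""
    not_found = defaultdict(set)   # ip -> distinct paths answered with 404
    same_reply = defaultdict(set)  # (ip, path, status, size) -> parameter names
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, target, status, size = m.groups()
        url = urlsplit(target)
        if status == "404":
            not_found[ip].add(url.path)
        for name, _ in parse_qsl(url.query, keep_blank_values=True):
            same_reply[(ip, url.path, status, size)].add(name)
    findings = defaultdict(list)
    for ip, paths in not_found.items():
        if len(paths) >= min_404_paths:
            findings[ip].append("directory brute force")
    for (ip, _path, _status, _size), names in same_reply.items():
        if len(names) >= min_param_names:
            findings[ip].append("parameter brute force")
    return dict(findings)

if __name__ == "__main__":
    for ip, reasons in detect(build_sample_log()).items():
        print(ip, ", ".join(reasons))
```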
