DIRECTORY/FILES FUZZING


=======================Use and review 
https://raw.githubusercontent.com/six2dez/OneListForAll/main/onelistforallshort.txt

=======================Wfuzz : 
>>> wfuzz -c -w /usr/share/wfuzz/wordlist/general/megabeast.txt $IP:80/FUZZ
>>> wfuzz -c -z file,/usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt --sc 200 http://$IP/FUZZ/
>>>wfuzz -c -w /usr/share/seclists/Discovery/Web_Content/raft-large-files.txt  $IP/FUZZ  --hc 404
>>>wfuzz -c -w /usr/share/seclists/Discovery/Web_Content/raft-large-directories.txt  $IP/FUZZ/  --hc 404
>>> wfuzz -c -z file,/usr/share/seclists/Fuzzing/SQLi/quick-SQLi.txt -d "myusername=john&mypassword=FUZZ&Submit=Login” --hc 404  $URL


=======================Dirsearch : 
>>> python3 dirsearch.py -u $URL -w /opt/seclists/Discovery/Web-Content/raft-large-files.txt 


=======================FFUF : 
>>>ffuf -u $URL -c -w /opt/seclists/Discovery/Web-Content/raft-large-files.txt  -t 100 
>>>ffuf -recursion -c -e '.htm','.php','.html','.js','.txt','.zip','.bak','.asp','.aspx','.xml','.py','.log','.json','.old' -w /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt -u http://$IP:8080/FUZZ
>>> ffuf -recursion -mc all -ac -c -e .htm,.shtml,.php,.html,.js,.txt,.zip,.bak,.asp,.aspx,.xml -w /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt -u https://url.com/FUZZ


=======================Frexbuster : 
>>>feroxbuster -u http://IP/ -x htm php html js txt zip bak asp aspx xml py -r -o 80-ferox.txt -w /usr/share/seclists/Discovery/Web-Content/raft-large-directories-lowercase.txt -t 100


=======================Gobuster : 
>>> gobuster dir -u  $URL -w /opt/seclists/Discovery/Web-Content/raft-small-words.txt

PreviousJ-BOSS NextLOGIN PAGE

Last updated 2 years ago

DIRECTORY/FILES FUZZING


=======================Use and review 
https://raw.githubusercontent.com/six2dez/OneListForAll/main/onelistforallshort.txt

=======================Wfuzz : 
>>> wfuzz -c -w /usr/share/wfuzz/wordlist/general/megabeast.txt $IP:80/FUZZ
>>> wfuzz -c -z file,/usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt --sc 200 http://$IP/FUZZ/
>>>wfuzz -c -w /usr/share/seclists/Discovery/Web_Content/raft-large-files.txt  $IP/FUZZ  --hc 404
>>>wfuzz -c -w /usr/share/seclists/Discovery/Web_Content/raft-large-directories.txt  $IP/FUZZ/  --hc 404
>>> wfuzz -c -z file,/usr/share/seclists/Fuzzing/SQLi/quick-SQLi.txt -d "myusername=john&mypassword=FUZZ&Submit=Login” --hc 404  $URL


=======================Dirsearch : 
>>> python3 dirsearch.py -u $URL -w /opt/seclists/Discovery/Web-Content/raft-large-files.txt 


=======================FFUF : 
>>>ffuf -u $URL -c -w /opt/seclists/Discovery/Web-Content/raft-large-files.txt  -t 100 
>>>ffuf -recursion -c -e '.htm','.php','.html','.js','.txt','.zip','.bak','.asp','.aspx','.xml','.py','.log','.json','.old' -w /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt -u http://$IP:8080/FUZZ
>>> ffuf -recursion -mc all -ac -c -e .htm,.shtml,.php,.html,.js,.txt,.zip,.bak,.asp,.aspx,.xml -w /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt -u https://url.com/FUZZ


=======================Frexbuster : 
>>>feroxbuster -u http://IP/ -x htm php html js txt zip bak asp aspx xml py -r -o 80-ferox.txt -w /usr/share/seclists/Discovery/Web-Content/raft-large-directories-lowercase.txt -t 100


=======================Gobuster : 
>>> gobuster dir -u  $URL -w /opt/seclists/Discovery/Web-Content/raft-small-words.txt

PreviousJ-BOSS NextLOGIN PAGE

Last updated 2 years ago