Web Fuzzing
ffuf
From here https://github.com/ffuf/ffuf
Using only proxychains
before ffuf
doesn't work, but thanks to this concern we found a path to actually use ffuf
with proxychains
.
Install proxy.py library
From here https://pypi.org/project/proxy.py
python3 -m venv virtual-environment-to-proxy
source virtual-environment-to-proxy/bin/activate
pip3 install --upgrade proxy.py
Serve a proxy server with proxychains:
proxychains proxy
[...]
2525-25-25 25:25:25,901 - pid:2281626 [I] plugins.load:85 - Loaded plugin proxy.http.proxy.HttpProxyPlugin
2525-25-25 25:25:25,901 - pid:2281626 [I] tcp.listen:80 - Listening on 127.0.0.1:8899
2525-25-25 25:25:25,907 - pid:2281626 [I] pool.setup:105 - Started 2 acceptors in threadless (local) mode
[...]
# or maybe there is no output, but is running (:
Run ffuf targeting to proxy:
ffuf -c -w wordlist.txt -x http://127.0.0.1:8899 -u http://10.10.10.10/FUZZ
wfuzz
From here https://github.com/xmendez/wfuzz
proxychains -q wfuzz -c -w wordlist.txt -u http://10.10.10.10/FUZZ
Last updated