80,443 - Web
Last updated
Last updated
source code
links
redirect
cookies
burpsuite
headers
directories
files
files+extensions
subdomains
default creds
credentials related to software
bruteforce
cupp
pydictor
crunch
IDOR
SQLi
SQL (PHP...)
NoSQL (Node...)
SSTI
XXE
XSS
Command Injection
Header Injection
Check resources showing input info
Symbols to cause errors
send parameters empty
add symbols
change order of parameters
change content-type
content-type: if www-urlencoded ... change to application/json and format parameters
change http verbs (GET to POST, POST to OPTIONS, etc)
It will take the FUZZ word from the file and fuzzing over it.
From here
From here
From here