Wfuzz Cheatsheet
Proxy
-p : send requests through the specified proxy, e.g. wfuzz -p 127.0.0.1:8080:HTTP
Filter results
--hc : hide responses whose status code equals the given value
--hw : hide responses whose word count equals the given value
--hl : hide responses whose line count equals the given value
Wordlist
-w : use the specified wordlist
Header
-H "myheader: myvalue" : use the specified header (can be chained)
Cookie
-b cookie1=value1 : use the specified cookie (can be chained)
DNS Enumeration
-H "Host: FUZZ.domain.com" ${ip}
Connection delay
-t ${thread} : number of simultaneous connections
-s ${delay} : time delay between two connections
Fuzz different extensions
wfuzz -w ${wordlist} -z list,txt-php --hc 404 https://10.10.10.60/FUZZ.FUZ2Z