>_ shadow.red
notatki-hakera.pl YouTube CTF Solutions Channel ☕ Buy me a coffee
~ / Reconnaissance / Wfuzz - Directory and File Discovery

Wfuzz - Directory and File Discovery

Reconnaissance Web Content Discovery linux

Directory enumeration

wfuzz -c -z file,/usr/share/seclists/Discovery/Web-Content/raft-medium-directories.txt --hc 404,403 'http://10.10.147.218/FUZZ/'

File enumeration

wfuzz -c -z file,/usr/share/seclists/Discovery/Web-Content/raft-medium-files.txt --hc 404,403 'http://10.10.147.218:1234/FUZZ'

wfuzz -c -b "<SESSIONVARIABLE>=<SESSIONVALUE>" -z file,/opt/SecLists/Discovery/Web-Content/raft-medium-files.txt --hc 404 "$URL"

Parameter discovery

wfuzz -c -z file,/opt/SecLists/Discovery/Web-Content/burp-parameter-names.txt "https://example.com/?FUZZ=data"