ffuf
by ffuf
ffuf is a high-performance web fuzzer written in Go, designed for rapid content discovery, virtual host enumeration, and parameter fuzzing.
Fast web fuzzer written in Go
Primary Use Case
ffuf is primarily used by security professionals, penetration testers, and bug bounty hunters to discover hidden directories, files, subdomains, and vulnerable parameters on web applications. Its speed and efficiency make it ideal for large-scale reconnaissance and identifying potential attack vectors.
- Fast web fuzzer written in Go
- Content discovery
- Virtual host discovery
- GET parameter fuzzing
- POST data fuzzing
- External mutator support
- Configuration files
- Interactive mode
Installation
- Download a prebuilt binary from the releases page.
- On macOS with Homebrew: `brew install ffuf`
- Using Go compiler: `go install github.com/ffuf/ffuf/v2@latest`
- From source: `git clone https://github.com/ffuf/ffuf ; cd ffuf ; go get ; go build`
Usage
>_ ffuf -w /path/to/wordlist -u https://target/FUZZ
Typical directory discovery: the `FUZZ` keyword in the URL path is replaced by each wordlist entry.
>_ ffuf -w /path/to/vhost/wordlist -u https://target -H "Host: FUZZ" -fs 4242
Virtual host discovery by fuzzing the Host header. `-fs 4242` filters out responses of the size the server returns for an unknown vhost (the catch-all page), so only hosts that answer differently are shown.
>_ ffuf -w /path/to/paramnames.txt -u https://target/script.php?FUZZ=test_value -fs 4242
GET parameter name fuzzing, filtering out the response size seen for an unrecognised parameter.
>_ ffuf -w /path/to/values.txt -u https://target/script.php?valid_name=FUZZ -fc 401
GET parameter value fuzzing, filtering out responses with HTTP status 401.
>_ ffuf -w /path/to/postdata.txt -X POST -d "username=admin&password=FUZZ" -u https://target/login.php -fc 401
POST data fuzzing with the `FUZZ` keyword inside the request body, filtering out 401 responses. Inside double quotes the `&` needs no escaping; use `-H "Content-Type: ..."` if the endpoint expects something other than form-encoded data.
>_ ffuf -maxtime <seconds>
Stops the whole run after the given number of seconds, which keeps scripted or scheduled scans bounded.
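The `-fs 4242` in the vhost and parameter-name examples above is not a magic number: it is the size of the catch-all response that every miss produces, and you have to learn it before you can filter it. The usual way is an unfiltered first run, a look at which (status, size) pair dominates, and a second run with that pair filtered; ffuf's `-ac` option automates the same idea. The script below is an added example, not part of ffuf or its documentation, that does this post-processing over a result file written with `-o run.json -of json`. The result field names it reads (`results`, `input`, `status`, `length`) follow ffuf's JSON output format; the embedded sample run is constructed, and `run.json`, `names.txt` and `https://target` are placeholders.

```python
"""Derive an ffuf size filter from an unfiltered run (added example, not ffuf code).

Intended workflow:
  1. ffuf -w names.txt -u https://target -H "Host: FUZZ" -o run.json -of json
  2. python3 ffuf_baseline.py run.json      # prints e.g. "-fs 4242" plus outliers
  3. re-run ffuf with the printed flag (ffuf's own -ac option automates steps 1-2)
"""
import json
import sys
from collections import Counter

# Constructed sample in the shape of ffuf's `-of json` output (trimmed to the
# fields used here). Four non-existent vhosts hit the same catch-all page;
# two names answer differently and are the ones worth a second look.
SAMPLE_RUN = {
    "commandline": "ffuf -w names.txt -u https://target -H 'Host: FUZZ' -o run.json -of json",
    "results": [
        {"input": {"FUZZ": "www"},     "status": 200, "length": 4242, "words": 612, "lines": 88},
        {"input": {"FUZZ": "mail"},    "status": 200, "length": 4242, "words": 612, "lines": 88},
        {"input": {"FUZZ": "ftp"},     "status": 200, "length": 4242, "words": 612, "lines": 88},
        {"input": {"FUZZ": "api"},     "status": 200, "length": 4242, "words": 612, "lines": 88},
        {"input": {"FUZZ": "dev"},     "status": 200, "length": 1337, "words": 140, "lines": 31},
        {"input": {"FUZZ": "staging"}, "status": 401, "length": 188,  "words": 20,  "lines": 5},
    ],
}


def signature(result):
    """The (status, length) pair that ffuf's -fc / -fs filters act on."""
    return (result["status"], result["length"])


def baseline(results, min_share=0.5):
    """Return the signature shared by at least min_share of the results.

    None means no single response dominates: there is no catch-all to
    filter, and a size filter would only throw away real findings.
    """
    if not results:
        return None
    sig, count = Counter(signature(r) for r in results).most_common(1)[0]
    return sig if count / len(results) >= min_share else None


def filter_flags(sig):
    """ffuf flag that suppresses the catch-all response in the next run.

    Only the size is filtered, as in the README examples: adding -fc 200
    would also hide any real vhost that happens to answer with 200.
    """
    return f"-fs {sig[1]}"


def outliers(results, sig):
    """Results that differ from the catch-all signature, i.e. what the
    filtered re-run would have shown."""
    return [r for r in results if signature(r) != sig]


def load_run(path):
    """Read a ffuf `-of json` result file."""
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


def summarize(run):
    """Return (flags, outlier inputs); flags is None if nothing dominates."""
    sig = baseline(run["results"])
    if sig is None:
        return None, []
    names = [r["input"]["FUZZ"] for r in outliers(run["results"], sig)]
    return filter_flags(sig), names


if __name__ == "__main__":
    run = load_run(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_RUN
    flags, names = summarize(run)
    if flags is None:
        print("no dominant response; do not add a size filter")
    else:
        print(f"catch-all response: {baseline(run['results'])}  ->  re-run with {flags}")
        for name in names:
            print(f"  keep for review: {name}")
```

A size filter alone is the weakest form of calibration: a real vhost whose page is exactly as long as the catch-all disappears with it. When the dominant response is identified by size only, check `words` and `lines` too (ffuf has `-fw` and `-fl` for those) before trusting the filtered run.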
- Results can be written to a file with `-o <file> -of json` (also `ejson`, `csv`, `ecsv`, `html`, `md`, or `all`) and post-processed or handed to other tooling; ffuf itself only discovers, it does not exploit what it finds.
- `-s` (silent output) together with `-maxtime` makes it suitable for non-interactive use, for example a recurring content-discovery check in a CI/CD pipeline.
- `-ac` auto-calibrates the filters against responses to random inputs, which removes most catch-all false positives without hand-picking `-fs` values.
- `-rate` (requests per second) and `-p` (delay between requests) throttle the scan to stay within the rules of engagement of a red team exercise or authorised assessment.
- Output from ffuf is a list of candidate paths, hosts and parameters, not a vulnerability report; combine it with targeted testing of what it surfaces.
