LinuxCommandLibrary

ffuf

TLDR

Directory fuzzing

$ ffuf -u [https://target.com/FUZZ] -w [wordlist.txt]
copy
POST parameter fuzzing
$ ffuf -u [https://target.com/api] -w [wordlist.txt] -X POST -d "param=FUZZ"
copy
Filter by status code
$ ffuf -u [https://target.com/FUZZ] -w [wordlist.txt] -fc [404]
copy
Match response size
$ ffuf -u [https://target.com/FUZZ] -w [wordlist.txt] -ms [1234]
copy
Multiple wordlists
$ ffuf -u [https://target.com/FUZZ1/FUZZ2] -w [list1.txt]:FUZZ1 -w [list2.txt]:FUZZ2
copy

SYNOPSIS

ffuf [options]

DESCRIPTION

ffuf (Fuzz Faster U Fool) is a fast web fuzzer written in Go. It discovers hidden content, parameters, and vulnerabilities by sending requests with wordlist entries substituted at marked positions.
The tool excels at content discovery, parameter fuzzing, and virtual host enumeration. Filtering options allow matching or excluding responses by status, size, words, or lines.
ffuf's speed and flexibility make it popular for penetration testing and security assessments.

PARAMETERS

-u URL

Target URL with FUZZ keyword.
-w WORDLIST
Wordlist file.
-X METHOD
HTTP method.
-d DATA
POST data.
-H HEADER
Custom header.
-fc CODES
Filter by status code.
-fs SIZE
Filter by response size.
-mc CODES
Match status codes.
-ms SIZE
Match response size.
-t N
Number of threads.
--help
Display help information.

CAVEATS

Only use against authorized targets. High thread counts may overwhelm servers. Results need manual verification.

HISTORY

ffuf was created by joohoi as a fast, flexible web fuzzer. Written in Go for performance, it has become a standard tool in web application security testing.

SEE ALSO

gobuster(1), dirb(1), wfuzz(1)

Copied to clipboard