Discover and read the best of Twitter Threads about #ffuf
Most recents (2)
ffuf is used by hundreds of people
But only a few use the tool effectively.
Here are 9 tips you want to know right away ๐ ๐งต
#bugbountytips #bugbounty #recon #ffuf
But only a few use the tool effectively.
Here are 9 tips you want to know right away ๐ ๐งต
#bugbountytips #bugbounty #recon #ffuf
1/9 Standard mode
c: color
ac: auto calibration
r: follow redirects
$ ffuf -u https://ups[.]com/FUZZ -w ~/wordlists/common.txt -r
$ ffuf -c -u https://ups[.]com/FUZZ -w ~/wordlists/common.txt -ac
c: color
ac: auto calibration
r: follow redirects
$ ffuf -u https://ups[.]com/FUZZ -w ~/wordlists/common.txt -r
$ ffuf -c -u https://ups[.]com/FUZZ -w ~/wordlists/common.txt -ac
2/9 Throttle Speed
t: threads
p: seconds of delay between requests (or range e.g. 0.1-1)
$ ffuf -u https://ups[].com/FUZZ -t 20 -p 0.2 -w ~/wordlists/common.txt
t: threads
p: seconds of delay between requests (or range e.g. 0.1-1)
$ ffuf -u https://ups[].com/FUZZ -t 20 -p 0.2 -w ~/wordlists/common.txt
I'm going to <semi> live tweet this Internal Penetration Test. Calling the company Acme
Important notes:
Assumed Breach (Already have a Debian based image, no creds, but solely for the sake of having tools locally)
Landing in the SWIFT gateway network
Flags: DA/SWIFT 1/x
Important notes:
Assumed Breach (Already have a Debian based image, no creds, but solely for the sake of having tools locally)
Landing in the SWIFT gateway network
Flags: DA/SWIFT 1/x
Non-Evasive (we can sound alarms, they're only monitoring and validating our actions, this is not a purple team assessment to fill gaps in their NIPS)
Crystal/Glass/Full-Disclosure whatever your org calls "we'll give you any info you need to progress in terms of network topology"
Crystal/Glass/Full-Disclosure whatever your org calls "we'll give you any info you need to progress in terms of network topology"
