ffuf-web-fuzzing

# FFUF (Fuzz Faster U Fool) Skill ## When to Use - You are fuzzing web targets with `ffuf` during authorized security testing or penetration testing. - The task involves content discovery, subdomain enumeration, parameter fuzzing, or authenticated request fuzzing. - You need guidance on wordlists, filtering, calibration, and interpreting ffuf results efficiently. ## Overview FFUF is a fast web fuzzer written in Go, designed for discovering hidden content, directories, files, subdomains, and testing for vulnerabilities during penetration testing. It's significantly faster than traditional tools like dirb or dirbuster. ## Installation ```bash # Using Go go install github.com/ffuf/ffuf/v2@latest # Using Homebrew (macOS) brew install ffuf # Binary download # Download from: https://github.com/ffuf/ffuf/releases/latest ``` ## Core Concepts ### The FUZZ Keyword The `FUZZ` keyword is used as a placeholder that gets replaced with entries from your wordlist. You can place it anywhere: - URLs: `https://target.com/FUZZ` - Headers: `-H "Host: FUZZ"` - POST data: `-d "username=admin&password=FUZZ"` - Multiple locations with custom keywords: `-w wordlist.txt:CUSTOM` then use `CUSTOM` instead of `FUZZ` ### Multi-wordlist Modes - **clusterbomb**: Tests all combinations (default) - cartesian product - **pitchfork**: Iterates through wordlists in parallel (1-to-1 matching) - **sniper**: Tests one position at a time (for multiple FUZZ positions) ## Common Use Cases ### 1. Directory an...