1 . Introduction
2 . My Setup
3 . What is ffuf?
4 . Why use ffuf?
5 . How to use ffuf?
6 . Summary
This post is designed to introduce you to the tool ffuf.
1. Introduction
Welcome to the twenty-eighth blog post of 100 tools in 100 days.
Find ffuf here.
Ffuf was created and is maintained by Joona Hoikkala check out his GitHub here.
2. My Setup
For running the ffuf tool, I used Kali Linux in a VMware Workstation 16 Player virtualized environment.
For my vulnerable host, I used the ffuf test website: http://ffuf.me/.
3. What is ffuf?
Ffuf stands for Fuzz Faster U Fool. Essentially Ffuf is an extremely fast web fuzzer that is written in the Go language.
4. Why use ffuf?
Matthew, we have GoBuster, Dirb, and Dirbuster, why use Ffuf?
Ffuf is fast, really fast. But Ffuf offers so many more options than just directory searching (though today I will show its recursive directory search capabilities). Ffuf can find file extensions, offers filtering and matching options, and integrates with Burpsuite and a local proxy. I know that this does not cover every aspect of Ffuf.
If you want to see more details on how to use Ffuf as an advanced user check out Michael Skelton’s video on his website Codingo here.
5. How to use ffuf?
Ffuf comes preinstalled on Kali Linux, in your terminal you can type: ffuf -h to see the help menu.
For my example, I am using the Ffuf website for testing Ffuf that Joona has created: http://ffuf.me/
Step 1:
I wanted to scan the site recursively and also
output that to an HTML file for easy viewing.
The command may look daunting but I promise it is easy to understand:
ffuf -w /usr/share/wordlists/SecLists/SecLists/Discovery/Web-Content/common.txt -recursion -u http://ffuf.me/cd/recursion/FUZZ -f html -o ffuf.html
-w = Wordlist for fuzzing
-recursion = Once Ffuf finds a directory it looks
inside for files and additional directories
-u = domain to scan
-f = file output format
-o file output name
Below you can see the HTML page of the output for a clearer view:
6. Summary
Ffuf may not be for everyone, but it certainly can do all the things other directory search tools do, faster and more efficiently. Most scans take seconds for websites. Additionally, it can output the results in easy to read options including CSV, Markdown, HTML, and JSON.
If you need to find files, directories, run websites through Burpsuite during fuzzing, test usernames and passwords, etc, Ffuf could be your go to tool.
I hope you enjoyed this blog post.
Thanks for reading!
If you have suggestions for what tool to cover next, contact me!