Fuzzing

WFUZZ Unknown Directory

  • Find 'secret.py' in an Unknown Directory

  • 404 is the 'error' page we'll get when its legit

  • Use 'FUZZ' as the Target path

  • Wordlists:

    • /usr/share/wfuzz/wordlist/general/big.txt

    • /opt/wfuzz/wordlist/general/big.txt

wfuzz -w big.txt --hc '404' -u http://10.x.x.x/FUZZ/secret.py

More:

PreviousEnum Finger and Brute SSHNextNmap

Last updated