offsecvault - Knowledge Base



 ▒█████    █████▒ █████▒ ██████ ▓█████  ▄████▄ ██▒   █▓ ▄▄▄       █    ██  ██▓  ▄▄▄█████▓
▒██▒  ██▒▓██   ▒▓██   ▒▒██    ▒ ▓█   ▀ ▒██▀ ▀█▓██░   █▒▒████▄     ██  ▓██▒▓██▒  ▓  ██▒ ▓▒
▒██░  ██▒▒████ ░▒████ ░░ ▓██▄   ▒███   ▒▓█    ▄▓██  █▒░▒██  ▀█▄  ▓██  ▒██░▒██░  ▒ ▓██░ ▒░
▒██   ██░░▓█▒  ░░▓█▒  ░  ▒   ██▒▒▓█  ▄ ▒▓▓▄ ▄██▒▒██ █░░░██▄▄▄▄██ ▓▓█  ░██░▒██░  ░ ▓██▓ ░ 
░ ████▓▒░░▒█░   ░▒█░   ▒██████▒▒░▒████▒▒ ▓███▀ ░ ▒▀█░   ▓█   ▓██▒▒▒█████▓ ░██████▒▒██▒ ░ 
░ ▒░▒░▒░  ▒ ░    ▒ ░   ▒ ▒▓▒ ▒ ░░░ ▒░ ░░ ░▒ ▒  ░ ░ ▐░   ▒▒   ▓▒█░░▒▓▒ ▒ ▒ ░ ▒░▓  ░▒ ░░   
  ░ ▒ ▒░  ░      ░     ░ ░▒  ░ ░ ░ ░  ░  ░  ▒    ░ ░░    ▒   ▒▒ ░░░▒░ ░ ░ ░ ░ ▒  ░  ░    
░ ░ ░ ▒   ░ ░    ░ ░   ░  ░  ░     ░   ░           ░░    ░   ▒    ░░░ ░ ░   ░ ░   ░      
    ░ ░                      ░     ░  ░░ ░          ░        ░  ░   ░         ░  ░       
                                       ░           ░

    OFFENSIVE |
    DEFENSIVE |
    CTF |
    TOOLS |
    ABOUT 

 wfuzz usage 

:: brute force webpage

-subdomains
# wfuzz -w /path/to/wordlist -u http://[ip/FQDN] --hc 301 -v -c -H "Host:FUZZ.domain.com"

-directory
# wfuzz -w /path/to/wordlist -u http://[ip_FQDN]/FUZZ -v -c --hc 401,403

flags:

-w = wordlist
-u = url
--hc = hide responses with the specified code
-v = verbose
-c = output with colors
-H = headers

note: the fuzz options will depends on the common list used, also, based on response the necessary response code will need to be used.