Hello all, i am kind of new to fuzzing in general and i am just coming to grips with the tool wfuzz.
I filter out the codes in my command -hc 404 so i dont get forbidden pages showing up
I am currently fuzzing for directories and i am getting some back with c=200
however im sure these arent actual directories for example im getting
/sync(this feel like it could be real)
/syncrhonize and many different versions of sync.
All turn up a 403 page.
how can i determine on these scans what is a real directory? any kind of help with fuzzing would be greatly appreciated.
i decided to try fuzzing because using dirbuster turned up a seriously long list of incorrect directories and produced an error.