Gobuster vs Ffuf

SevynZ · January 3, 2024, 11:05pm

Hi all!

So while working through Preignition (Very easy box), I noticed a discrepancy between my search results when I ran ffuf vs gobuster.

The first command I ran was ffuf -w ~/directory-list-2.3-small.txt:FUZZ -u http://hostip/FUZZ
and I ended up getting nothing back.

So then I ran - gobuster -w ~/directory-list-2.3-small.txt dir -u http://hostip -x .php,.html and ended up getting a page returned.

What’s with that!?

FiveSquare · July 18, 2024, 11:06am

you forgot to add .php or .html in your ffuf scan
for example ffuf -w ~/directory-list-2.3-small.txt:FUZZ -u http://hostip/FUZZ.php

Topic		Replies	Views
Attacking web applications with ffuf Academy help	9	2317	November 20, 2024
WEB FUZZING Skills Assessment Academy	26	1018	September 5, 2024
Directory Fuzzing - Academy Academy	3	2305	September 18, 2022
FFUF value/parameter scanning Off-topic academy , ffuf	16	5716	October 12, 2023
Help - ATTACKING WEB APPLICATIONS WITH FFUF Other	11	4539	September 20, 2024