View Issue Details

IDProjectCategoryView StatusLast Update
0005098Kali LinuxQueued Tool Additionpublic2020-11-11 23:50
Reporterjoohoi Assigned Tosbrun  
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Fixed in Version2020.3 
Summary0005098: ffuf - a very fast webfuzzer written in Go
Description

I would like to get ffuf included in Kali Linux to provide people easier access to it.

Ffuf is a fast webfuzzer that combines the best parts of tools like wfuzz and gobuster into one. It has drastic speed improvements over even the fastest fuzzers / busters along with fine grained matcher / filter architecture. It aims to be intuitive to work with by using command line flags similar to tools like curl, gobuster and wfuzz.

Ffuf allows the user to fuzz different parts of URL, including GET parameter names and values, HTTP headers and POST data.

It should be easy to package for Kali, as the only dependency is Go 1.11 and no third party libraries are used starting from upcoming version v0.6. Go binaries can be easily crosscompiled (as no CGO libraries are used) for different architectures and platforms.

Ffuf is available in GitHub at https://github.com/ffuf/ffuf/

Activities

g0tmi1k

g0tmi1k

2018-11-15 08:22

administrator   ~0009948

To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):

  • [Name] - The name of the tool
  • [Version] - What version of the tool should be added?
    --- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
  • [Homepage] - Where can the tool be found online? Where to go to get more information?
  • [Download] - Where to go to get the tool? either a download page or a link to the latest version
  • [Author] - Who made the tool?
  • [Licence] - How is the software distributed? What conditions does it come with?
  • [Description] - What is the tool about? What does it do?
  • [Dependencies] - What is needed for the tool to work?
  • [Similar tools] - What other tools are out there?
  • [Activity] - When did the project start? Is is still actively being deployed?
  • [How to install] - How do you compile it?
    --- Note, using source code to acquire (e.g. git clone/svn checkout) can't be used - Also downloading from the head. Please use a "tag" or "release" version.
  • [How to use] - What are some basic commands/functions to demonstrate it?
joohoi

joohoi

2018-11-15 09:19

reporter   ~0009949

ffuf -w /path/to/wordlist -u https://target/FUZZ

GET parameter name fuzzing, filtering out responses of 4242 bytes:

ffuf -w /path/to/paramnames_list -u https://target/script.php?FUZZ=test_value -fs 4242

HTTP header value fuzzing, colored output, filtering out responses that contain value "something" in data:

ffuf -w /path/to/wordlist -u https://target/ -H "Headername: FUZZ" -c -fr "something"

POST data fuzzing, colored output, matching output that contains "success"

ffuf -w /path/to/passwordlist -X POST -u https://target/login.php -d "username=admin\&password=FUZZ" -c -mr "success"

joohoi

joohoi

2018-11-15 09:32

reporter   ~0009950

Oh, and when I say very fast, I mean statistics like gobuster (the fastest equivalent available) choking at 0000426:0000600 requests / second while ffuf is chugging away with around 7k req/sec if the target is able to respond that fast. The speed is affected by concurrent threads command line flag: -t

joohoi

joohoi

2018-11-15 09:34

reporter   ~0009951

Markup played a trick on me. it was supposed to be 600 requests / second. on the note above (instead of the internal link).

joohoi

joohoi

2018-12-05 23:32

reporter   ~0010079

Update: version 0.7 is out:

ffuf -w /path/to/wordlist -u https://target/FUZZ

GET parameter name fuzzing, filtering out responses of 4242 bytes:

ffuf -w /path/to/paramnames_list -u https://target/script.php?FUZZ=test_value -fs 4242

HTTP header value fuzzing, colored output, filtering out responses that contain value "something" in data:

ffuf -w /path/to/wordlist -u https://target/ -H "Headername: FUZZ" -c -fr "something"

POST data fuzzing, colored output, matching output that contains "success"

ffuf -w /path/to/passwordlist -X POST -u https://target/login.php -d "username=admin\&password=FUZZ" -c -mr "success"

joohoi

joohoi

2019-04-27 08:13

reporter   ~0010538

Update: ffuf has seen a few releases since, currently 0.9 is the most recent one:

ffuf -w /path/to/wordlist -u https://target/FUZZ

GET parameter name fuzzing, filtering out responses of 4242 bytes:

ffuf -w /path/to/paramnames_list -u https://target/script.php?FUZZ=test_value -fs 4242

HTTP header value fuzzing, colored output, filtering out responses that contain value "something" in data:

ffuf -w /path/to/wordlist -u https://target/ -H "Headername: FUZZ" -c -fr "something"

POST data fuzzing, colored output, matching output that contains "success"

ffuf -w /path/to/passwordlist -X POST -u https://target/login.php -d "username=admin\&password=FUZZ" -c -mr "success"

joohoi

joohoi

2019-04-29 15:45

reporter   ~0010542

Do you wish me to post a new note with updated information for each release during the evaluation process (before this is closed or accepted) @g0tmi1k ?

g0tmi1k

g0tmi1k

2019-10-28 13:32

administrator   ~0011238

Last edited: 2020-01-06 13:19

@kali-team, please could this be packaged up.
@author, If you want to help the packaging process, you can check the documentation here ~ https://www.kali.org/docs/development/public-packaging

joohoi

joohoi

2020-01-31 13:14

reporter   ~0011991

Update: version 1.0 released.

ffuf -w /path/to/wordlist -u https://target/FUZZ

GET parameter name fuzzing, filtering out responses of 4242 bytes:

ffuf -w /path/to/paramnames_list -u https://target/script.php?FUZZ=test_value -fs 4242

HTTP header value fuzzing, colored output, filtering out responses that contain value "something" in data:

ffuf -w /path/to/wordlist -u https://target/ -H "Headername: FUZZ" -c -fr "something"

POST data fuzzing, colored output, matching output that contains "success"

ffuf -w /path/to/passwordlist -X POST -u https://target/login.php -d "username=admin\&password=FUZZ" -c -mr "success"

joohoi

joohoi

2020-01-31 13:15

reporter   ~0011992

About helping with packaging: I'll look into the documentation and see what I can do.

sbrun

sbrun

2020-07-30 12:00

manager   ~0013154

the package has been introduced in Debian.
Version 1.0.2-2 is now in kali.

Issue History

Date Modified Username Field Change
2018-11-14 22:31 joohoi New Issue
2018-11-15 08:22 g0tmi1k Note Added: 0009948
2018-11-15 09:19 joohoi Note Added: 0009949
2018-11-15 09:32 joohoi Note Added: 0009950
2018-11-15 09:34 joohoi Note Added: 0009951
2018-12-05 23:32 joohoi Note Added: 0010079
2019-04-27 08:13 joohoi Note Added: 0010538
2019-04-29 15:45 joohoi Note Added: 0010542
2019-10-28 13:32 g0tmi1k Note Added: 0011238
2019-10-28 13:33 g0tmi1k Category New Tool Requests => Queued Tool Addition
2019-10-28 16:01 g0tmi1k Severity minor => feature
2019-10-28 16:01 g0tmi1k Status new => assigned
2019-10-28 16:03 g0tmi1k Product Version kali-dev =>
2020-01-06 13:07 g0tmi1k Status assigned => acknowledged
2020-01-06 13:19 g0tmi1k Note Edited: 0011238
2020-01-31 13:14 joohoi Note Added: 0011991
2020-01-31 13:15 joohoi Note Added: 0011992
2020-06-17 14:57 g0tmi1k Severity feature => minor
2020-07-30 12:00 sbrun Assigned To => sbrun
2020-07-30 12:00 sbrun Status acknowledged => resolved
2020-07-30 12:00 sbrun Resolution open => fixed
2020-07-30 12:00 sbrun Note Added: 0013154
2020-11-11 23:50 g0tmi1k Fixed in Version => 2020.3