ivuorinen/cheatsheet-tldr
1
0
Fork 0
mirror of https://github.com/ivuorinen/cheatsheet-tldr.git synced 2026-02-03 20:43:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update cheatsheets

Browse Source
This commit is contained in:
ivuorinen
2024-04-02 00:13:24 +00:00
parent 266e2650e6
commit 942e2489a7
1 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
tldr/wfuzz
View File

@@ -10,7 +10,7 @@ source: https://github.com/tldr-pages/tldr.git
- Directory and file bruteforce using the specified [w]ordlist and also [p]roxying the traffic:
`wfuzz -w {{path/to/file}} -p {{127.0.0.1:8080}} {{http://example.com/FUZZ}}`
`wfuzz -w {{path/to/file}} -p {{127.0.0.1:8080:HTTP}} {{http://example.com/FUZZ}}`
- Save the results to a [f]ile:
@@ -27,3 +27,15 @@ source: https://github.com/tldr-pages/tldr.git
- Brute force Basic Authentication using a list of usernames and passwords from files for each FUZ[z] keyword, [h]iding response [c]odes of unsuccessful attempts:
`wfuzz -c --hc {{401}} -s {{delay_between_requests_in_seconds}} -z file,{{path/to/usernames}} -z file,{{path/to/passwords}} --basic 'FUZZ:FUZ2Z' {{https://example.com}}`
- Provide wordlist directly from the command line and use POST request for fuzzing:
`wfuzz -z list,{{word1-word2-...}} {{https://api.example.com}} -d {{"id=FUZZ&showwallet=true"}}`
- Provide wordlists from a file applying base64 and md5 encoding on them (`wfuzz -e encoders` lists all available encoders):
`wfuzz -z file,{{path/to/file}},none-base64-md5 {{https://example.com/FUZZ}}`
- List available encoders/payloads/iterators/printers/scripts:
`wfuzz -e {{encoders|payloads|iterators|printers|scripts}}`