Skip to content

Instantly share code, notes, and snippets.

@ehsandeep

ehsandeep/nuclei-ffuf.md

Created April 18, 2025 17:23
Show Gist options
  • Save ehsandeep/4c8c7e2c77646d85aebb678de29cfe3f to your computer and use it in GitHub Desktop.
Save ehsandeep/4c8c7e2c77646d85aebb678de29cfe3f to your computer and use it in GitHub Desktop.
Download ZIP
nuclei / ffuf example runs
Raw
nuclei-ffuf.md

Nuclei Template:

id: server-status-check

info:
  name: Apache Server-Status Endpoint Detection
  author: ProjectDiscoveryAI
  severity: info
  description: |
    Detects the presence of the Apache server-status endpoint which reveals server statistics and information.

http:
  - raw:
      - |
        GET /server-status/ HTTP/1.1
        Host: {{Hostname}}
        User-Agent: Fuzz Faster U Fool with Nuclei
        Accept-Encoding: gzip, deflate, br
        Connection: keep-alive

    matchers:
      - type: word
        words:
          - "Apache Server Status"

# ffuf -w urls.txt -u "FUZZ/server-status/" -mr "Apache Server Status" -t 500 -timeout 10
root@hackwithautomation:~/nuclei# ./nuclei -t test.yaml -l test.txt.2  -stats -rl 500 -retries 0 -bs 500

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.4.2

		projectdiscovery.io

[INF] Current nuclei version: v3.4.2 (latest)
[INF] Current nuclei-templates version: v10.1.7 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 64
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 194614
[0:00:05] | Templates: 1 | Hosts: 194614 | RPS: 117 | Matched: 0 | Errors: 274 | Requests: 616/194614 (0%)
[0:00:10] | Templates: 1 | Hosts: 194614 | RPS: 63 | Matched: 0 | Errors: 290 | Requests: 651/194614 (0%)
[0:00:15] | Templates: 1 | Hosts: 194614 | RPS: 171 | Matched: 0 | Errors: 2154 | Requests: 2616/194614 (1%)
[0:00:20] | Templates: 1 | Hosts: 194614 | RPS: 192 | Matched: 0 | Errors: 2527 | Requests: 3895/194614 (2%)
[0:00:25] | Templates: 1 | Hosts: 194614 | RPS: 221 | Matched: 0 | Errors: 3099 | Requests: 5584/194614 (2%)
[0:00:30] | Templates: 1 | Hosts: 194614 | RPS: 242 | Matched: 0 | Errors: 3568 | Requests: 7345/194614 (3%)
[0:00:35] | Templates: 1 | Hosts: 194614 | RPS: 252 | Matched: 0 | Errors: 3679 | Requests: 8917/194614 (4%)
[0:00:40] | Templates: 1 | Hosts: 194614 | RPS: 287 | Matched: 0 | Errors: 3970 | Requests: 11590/194614 (5%)
[0:00:45] | Templates: 1 | Hosts: 194614 | RPS: 290 | Matched: 0 | Errors: 4112 | Requests: 13163/194614 (6%)
[0:00:50] | Templates: 1 | Hosts: 194614 | RPS: 294 | Matched: 0 | Errors: 4214 | Requests: 14819/194614 (7%)
[0:00:55] | Templates: 1 | Hosts: 194614 | RPS: 301 | Matched: 0 | Errors: 4917 | Requests: 16645/194614 (8%)
[0:01:00] | Templates: 1 | Hosts: 194614 | RPS: 290 | Matched: 0 | Errors: 6406 | Requests: 17484/194614 (8%)
[0:01:05] | Templates: 1 | Hosts: 194614 | RPS: 290 | Matched: 0 | Errors: 7890 | Requests: 18939/194614 (9%)
[0:01:10] | Templates: 1 | Hosts: 194614 | RPS: 296 | Matched: 0 | Errors: 8706 | Requests: 20853/194614 (10%)
[0:01:15] | Templates: 1 | Hosts: 194614 | RPS: 297 | Matched: 0 | Errors: 10040 | Requests: 22377/194614 (11%)
[0:01:20] | Templates: 1 | Hosts: 194614 | RPS: 312 | Matched: 0 | Errors: 10405 | Requests: 25121/194614 (12%)
[0:01:25] | Templates: 1 | Hosts: 194614 | RPS: 323 | Matched: 0 | Errors: 10786 | Requests: 27552/194614 (14%)
[0:01:30] | Templates: 1 | Hosts: 194614 | RPS: 334 | Matched: 0 | Errors: 11046 | Requests: 30173/194614 (15%)
[0:01:35] | Templates: 1 | Hosts: 194614 | RPS: 341 | Matched: 0 | Errors: 11615 | Requests: 32550/194614 (16%)
[0:01:40] | Templates: 1 | Hosts: 194614 | RPS: 343 | Matched: 0 | Errors: 12200 | Requests: 34405/194614 (17%)
[0:01:45] | Templates: 1 | Hosts: 194614 | RPS: 334 | Matched: 0 | Errors: 12604 | Requests: 35184/194614 (18%)
[0:01:50] | Templates: 1 | Hosts: 194614 | RPS: 325 | Matched: 0 | Errors: 13073 | Requests: 35884/194614 (18%)
[0:01:55] | Templates: 1 | Hosts: 194614 | RPS: 314 | Matched: 0 | Errors: 13461 | Requests: 36300/194614 (18%)
[0:02:00] | Templates: 1 | Hosts: 194614 | RPS: 306 | Matched: 0 | Errors: 14240 | Requests: 36888/194614 (18%)
[0:02:05] | Templates: 1 | Hosts: 194614 | RPS: 298 | Matched: 0 | Errors: 14874 | Requests: 37373/194614 (19%)
[0:02:10] | Templates: 1 | Hosts: 194614 | RPS: 291 | Matched: 0 | Errors: 15499 | Requests: 37967/194614 (19%)
[0:02:15] | Templates: 1 | Hosts: 194614 | RPS: 285 | Matched: 0 | Errors: 16019 | Requests: 38635/194614 (19%)
[0:02:20] | Templates: 1 | Hosts: 194614 | RPS: 281 | Matched: 0 | Errors: 16426 | Requests: 39447/194614 (20%)
[0:02:25] | Templates: 1 | Hosts: 194614 | RPS: 278 | Matched: 0 | Errors: 16680 | Requests: 40501/194614 (20%)
[0:02:30] | Templates: 1 | Hosts: 194614 | RPS: 281 | Matched: 0 | Errors: 16953 | Requests: 42252/194614 (21%)
[0:02:35] | Templates: 1 | Hosts: 194614 | RPS: 289 | Matched: 0 | Errors: 17199 | Requests: 44989/194614 (23%)
[0:02:40] | Templates: 1 | Hosts: 194614 | RPS: 295 | Matched: 0 | Errors: 17471 | Requests: 47412/194614 (24%)
[0:02:45] | Templates: 1 | Hosts: 194614 | RPS: 300 | Matched: 0 | Errors: 17725 | Requests: 49668/194614 (25%)
[0:02:50] | Templates: 1 | Hosts: 194614 | RPS: 307 | Matched: 0 | Errors: 18240 | Requests: 52300/194614 (26%)
[0:02:55] | Templates: 1 | Hosts: 194614 | RPS: 313 | Matched: 0 | Errors: 18593 | Requests: 54931/194614 (28%)
[0:03:00] | Templates: 1 | Hosts: 194614 | RPS: 316 | Matched: 0 | Errors: 19042 | Requests: 57009/194614 (29%)
[0:03:05] | Templates: 1 | Hosts: 194614 | RPS: 320 | Matched: 0 | Errors: 19543 | Requests: 59454/194614 (30%)
[0:03:10] | Templates: 1 | Hosts: 194614 | RPS: 321 | Matched: 0 | Errors: 19815 | Requests: 61251/194614 (31%)
[0:03:15] | Templates: 1 | Hosts: 194614 | RPS: 327 | Matched: 0 | Errors: 20176 | Requests: 63860/194614 (32%)
[0:03:20] | Templates: 1 | Hosts: 194614 | RPS: 330 | Matched: 0 | Errors: 20662 | Requests: 66189/194614 (34%)
[0:03:25] | Templates: 1 | Hosts: 194614 | RPS: 333 | Matched: 0 | Errors: 20953 | Requests: 68533/194614 (35%)
[0:03:30] | Templates: 1 | Hosts: 194614 | RPS: 338 | Matched: 0 | Errors: 21372 | Requests: 71140/194614 (36%)
[0:03:36] | Templates: 1 | Hosts: 194614 | RPS: 331 | Matched: 0 | Errors: 21507 | Requests: 71618/194614 (36%)
[0:03:40] | Templates: 1 | Hosts: 194614 | RPS: 331 | Matched: 0 | Errors: 21744 | Requests: 73109/194614 (37%)
[0:03:45] | Templates: 1 | Hosts: 194614 | RPS: 335 | Matched: 0 | Errors: 21931 | Requests: 75497/194614 (38%)
[0:03:50] | Templates: 1 | Hosts: 194614 | RPS: 337 | Matched: 0 | Errors: 22189 | Requests: 77769/194614 (39%)
[0:03:55] | Templates: 1 | Hosts: 194614 | RPS: 340 | Matched: 0 | Errors: 22431 | Requests: 80169/194614 (41%)
[0:04:00] | Templates: 1 | Hosts: 194614 | RPS: 341 | Matched: 0 | Errors: 22788 | Requests: 81968/194614 (42%)
[0:04:05] | Templates: 1 | Hosts: 194614 | RPS: 343 | Matched: 0 | Errors: 22933 | Requests: 84327/194614 (43%)
[0:04:10] | Templates: 1 | Hosts: 194614 | RPS: 343 | Matched: 0 | Errors: 23115 | Requests: 86073/194614 (44%)
[0:04:15] | Templates: 1 | Hosts: 194614 | RPS: 343 | Matched: 0 | Errors: 23263 | Requests: 87570/194614 (44%)
[0:04:20] | Templates: 1 | Hosts: 194614 | RPS: 341 | Matched: 0 | Errors: 23442 | Requests: 88748/194614 (45%)
[0:04:25] | Templates: 1 | Hosts: 194614 | RPS: 340 | Matched: 0 | Errors: 23739 | Requests: 90187/194614 (46%)
[0:04:30] | Templates: 1 | Hosts: 194614 | RPS: 338 | Matched: 0 | Errors: 24013 | Requests: 91603/194614 (47%)
[0:04:35] | Templates: 1 | Hosts: 194614 | RPS: 340 | Matched: 0 | Errors: 24493 | Requests: 93791/194614 (48%)
[0:04:40] | Templates: 1 | Hosts: 194614 | RPS: 342 | Matched: 0 | Errors: 24668 | Requests: 95977/194614 (49%)
[0:04:45] | Templates: 1 | Hosts: 194614 | RPS: 344 | Matched: 0 | Errors: 24875 | Requests: 98403/194614 (50%)
[0:04:50] | Templates: 1 | Hosts: 194614 | RPS: 347 | Matched: 0 | Errors: 24969 | Requests: 100899/194614 (51%)
[0:04:55] | Templates: 1 | Hosts: 194614 | RPS: 350 | Matched: 0 | Errors: 25178 | Requests: 103544/194614 (53%)
[0:05:00] | Templates: 1 | Hosts: 194614 | RPS: 353 | Matched: 0 | Errors: 25399 | Requests: 106007/194614 (54%)
[0:05:05] | Templates: 1 | Hosts: 194614 | RPS: 355 | Matched: 0 | Errors: 25556 | Requests: 108404/194614 (55%)
[0:05:10] | Templates: 1 | Hosts: 194614 | RPS: 357 | Matched: 0 | Errors: 25735 | Requests: 110852/194614 (56%)
[0:05:15] | Templates: 1 | Hosts: 194614 | RPS: 359 | Matched: 0 | Errors: 26017 | Requests: 113266/194614 (58%)
[0:05:20] | Templates: 1 | Hosts: 194614 | RPS: 361 | Matched: 0 | Errors: 26341 | Requests: 115718/194614 (59%)
[0:05:25] | Templates: 1 | Hosts: 194614 | RPS: 363 | Matched: 0 | Errors: 26611 | Requests: 118278/194614 (60%)
[0:05:30] | Templates: 1 | Hosts: 194614 | RPS: 365 | Matched: 0 | Errors: 26928 | Requests: 120809/194614 (62%)
[0:05:35] | Templates: 1 | Hosts: 194614 | RPS: 367 | Matched: 0 | Errors: 27247 | Requests: 123216/194614 (63%)
[0:05:40] | Templates: 1 | Hosts: 194614 | RPS: 369 | Matched: 0 | Errors: 27669 | Requests: 125716/194614 (64%)
[0:05:45] | Templates: 1 | Hosts: 194614 | RPS: 370 | Matched: 0 | Errors: 28028 | Requests: 127952/194614 (65%)
[0:05:50] | Templates: 1 | Hosts: 194614 | RPS: 371 | Matched: 0 | Errors: 28491 | Requests: 130180/194614 (66%)
[0:05:55] | Templates: 1 | Hosts: 194614 | RPS: 373 | Matched: 0 | Errors: 28856 | Requests: 132792/194614 (68%)
[0:06:00] | Templates: 1 | Hosts: 194614 | RPS: 375 | Matched: 0 | Errors: 29252 | Requests: 135311/194614 (69%)
[0:06:05] | Templates: 1 | Hosts: 194614 | RPS: 374 | Matched: 0 | Errors: 29596 | Requests: 136772/194614 (70%)
[0:06:10] | Templates: 1 | Hosts: 194614 | RPS: 375 | Matched: 0 | Errors: 29943 | Requests: 139045/194614 (71%)
[0:06:15] | Templates: 1 | Hosts: 194614 | RPS: 375 | Matched: 0 | Errors: 30352 | Requests: 140763/194614 (72%)
[0:06:20] | Templates: 1 | Hosts: 194614 | RPS: 374 | Matched: 0 | Errors: 30648 | Requests: 142231/194614 (73%)
[0:06:25] | Templates: 1 | Hosts: 194614 | RPS: 372 | Matched: 0 | Errors: 31170 | Requests: 143549/194614 (73%)
[0:06:30] | Templates: 1 | Hosts: 194614 | RPS: 371 | Matched: 0 | Errors: 31461 | Requests: 144912/194614 (74%)
[0:06:35] | Templates: 1 | Hosts: 194614 | RPS: 371 | Matched: 0 | Errors: 31819 | Requests: 146730/194614 (75%)
[0:06:40] | Templates: 1 | Hosts: 194614 | RPS: 372 | Matched: 0 | Errors: 32065 | Requests: 149052/194614 (76%)
[0:06:45] | Templates: 1 | Hosts: 194614 | RPS: 370 | Matched: 0 | Errors: 32097 | Requests: 150224/194614 (77%)
[0:06:50] | Templates: 1 | Hosts: 194614 | RPS: 369 | Matched: 0 | Errors: 32156 | Requests: 151646/194614 (77%)
[0:06:55] | Templates: 1 | Hosts: 194614 | RPS: 370 | Matched: 0 | Errors: 32201 | Requests: 153843/194614 (79%)
[0:07:00] | Templates: 1 | Hosts: 194614 | RPS: 371 | Matched: 0 | Errors: 32368 | Requests: 156159/194614 (80%)
[0:07:05] | Templates: 1 | Hosts: 194614 | RPS: 372 | Matched: 0 | Errors: 32607 | Requests: 158567/194614 (81%)
[0:07:10] | Templates: 1 | Hosts: 194614 | RPS: 374 | Matched: 0 | Errors: 33031 | Requests: 161066/194614 (82%)
[0:07:15] | Templates: 1 | Hosts: 194614 | RPS: 374 | Matched: 0 | Errors: 33328 | Requests: 162916/194614 (83%)
[0:07:20] | Templates: 1 | Hosts: 194614 | RPS: 374 | Matched: 0 | Errors: 33542 | Requests: 164727/194614 (84%)
[0:07:25] | Templates: 1 | Hosts: 194614 | RPS: 375 | Matched: 0 | Errors: 33731 | Requests: 167170/194614 (85%)
[0:07:30] | Templates: 1 | Hosts: 194614 | RPS: 377 | Matched: 0 | Errors: 33813 | Requests: 169843/194614 (87%)
[0:07:35] | Templates: 1 | Hosts: 194614 | RPS: 378 | Matched: 0 | Errors: 34083 | Requests: 172246/194614 (88%)
[0:07:40] | Templates: 1 | Hosts: 194614 | RPS: 379 | Matched: 0 | Errors: 34527 | Requests: 174764/194614 (89%)
[0:07:45] | Templates: 1 | Hosts: 194614 | RPS: 380 | Matched: 0 | Errors: 34979 | Requests: 177114/194614 (91%)
[0:07:50] | Templates: 1 | Hosts: 194614 | RPS: 381 | Matched: 0 | Errors: 35380 | Requests: 179440/194614 (92%)
[0:07:55] | Templates: 1 | Hosts: 194614 | RPS: 383 | Matched: 0 | Errors: 38146 | Requests: 182059/194614 (93%)
[0:08:00] | Templates: 1 | Hosts: 194614 | RPS: 384 | Matched: 0 | Errors: 42911 | Requests: 184706/194614 (94%)
[0:08:05] | Templates: 1 | Hosts: 194614 | RPS: 386 | Matched: 0 | Errors: 47655 | Requests: 187341/194614 (96%)
[0:08:10] | Templates: 1 | Hosts: 194614 | RPS: 386 | Matched: 0 | Errors: 50438 | Requests: 189280/194614 (97%)
[0:08:15] | Templates: 1 | Hosts: 194614 | RPS: 386 | Matched: 0 | Errors: 50599 | Requests: 191211/194614 (98%)
[0:08:20] | Templates: 1 | Hosts: 194614 | RPS: 386 | Matched: 0 | Errors: 50731 | Requests: 193319/194614 (99%)
[0:08:25] | Templates: 1 | Hosts: 194614 | RPS: 385 | Matched: 0 | Errors: 50799 | Requests: 194584/194614 (99%)
[0:08:30] | Templates: 1 | Hosts: 194614 | RPS: 381 | Matched: 0 | Errors: 50814 | Requests: 194612/194614 (99%)
[INF] No results found. Better luck next time!
[0:08:32] | Templates: 1 | Hosts: 194614 | RPS: 379 | Matched: 0 | Errors: 50818 | Requests: 194614/194614 (100%)
root@hackwithautomation:~/nuclei# ffuf -w test.txt.2 -u "FUZZ/server-status/" -mr "Apache Server Status" -t 500 -timeout 10

        /'___\  /'___\           /'___\       
       /\ \__/ /\ \__/  __  __  /\ \__/       
       \ \ ,__\\ \ ,__\/\ \/\ \ \ \ ,__\      
        \ \ \_/ \ \ \_/\ \ \_\ \ \ \ \_/      
         \ \_\   \ \_\  \ \____/  \ \_\       
          \/_/    \/_/   \/___/    \/_/       

       v2.1.0-dev
________________________________________________

 :: Method           : GET
 :: URL              : FUZZ/server-status/
 :: Wordlist         : FUZZ: /root/nuclei/test.txt.2
 :: Follow redirects : false
 :: Calibration      : false
 :: Timeout          : 10
 :: Threads          : 500
 :: Matcher          : Regexp: Apache Server Status
________________________________________________

:: Progress: [194614/194614] :: Job [1/1] :: 92 req/sec :: Duration: [0:16:07] :: Errors: 24652 ::
root@hackwithautomation:~/nuclei# neofetch 
            .-/+oossssoo+/-.               root@hackwithautomation 
        `:+ssssssssssssssssss+:`           ----------------------- 
      -+ssssssssssssssssssyyssss+-         OS: Ubuntu 20.04.5 LTS x86_64 
    .ossssssssssssssssssdMMMNysssso.       Host: Droplet 20171212 
   /ssssssssssshdmmNNmmyNMMMMhssssss/      Kernel: 5.4.0-200-generic 
  +ssssssssshmydMMMMMMMNddddyssssssss+     Uptime: 133 days, 2 hours, 48 mins 
 /sssssssshNMMMyhhyyyyhmNMMMNhssssssss/    Packages: 1005 (dpkg), 12 (snap) 
.ssssssssdMMMNhsssssssssshNMMMdssssssss.   Shell: bash 5.0.17 
+sssshhhyNMMNyssssssssssssyNMMMysssssss+   Terminal: /dev/pts/0 
ossyNMMMNyMMhsssssssssssssshmmmhssssssso   CPU: DO-Regular (2) @ 2.294GHz 
ossyNMMMNyMMhsssssssssssssshmmmhssssssso   GPU: 00:02.0 Red Hat, Inc. QXL paravirtual graphic card 
+sssshhhyNMMNyssssssssssssyNMMMysssssss+   Memory: 252MiB / 3920MiB 
.ssssssssdMMMNhsssssssssshNMMMdssssssss.
 /sssssssshNMMMyhhyyyyhdNMMMNhssssssss/                            
  +sssssssssdmydMMMMMMMMddddyssssssss+                             
   /ssssssssssshdmNNNNmyNMMMMhssssss/
    .ossssssssssssssssssdMMMNysssso.
      -+sssssssssssssssssyyyssss+-
        `:+ssssssssssssssssss+:`
            .-/+oossssoo+/-.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment