minkione · January 20, 2021 20:01
diff --git a/ffuf_oneline.sh b/ffuf_oneline.sh
 # Basic Usage
 ffuf -w wordlist.txt -u http://127.0.0.1:8000/api/FUZZ/6 -o output.txt -replay-proxy http://127.0.0.1:8080

 # Basic Usage With a Cookie
 ffuf -w wordlist.txt -u http://127.0.0.1:8000/api/FUZZ/6 -o output.txt -replay-proxy http://127.0.0.1:8080 -b "laravel_session=eyJpdiI6Ii8wQU11dTVlUkg2alRHUXBIVzlGSnc9PSIsInZhbHVlIjoiOWs3YllJWTdqNC9xa1pMeFRvMFh0OE1vRFpaWm9GSzFkRktVZS9yUHBDM0lIazZ4K0NsbndxWVIxQ05VZWhqZUZaR0RGQWlFdmdDc24yWllYRklGSXI5STd2b05Pam4yRXIwV1BUWkZhUnFLNUFzOWsycmRHcnlxS0FqRWNsSnEiLCJtYWMiOiI3ZTliMmM2YzIxOTExNDE0NmVjYTYyMGI4Nzg4YzJiYjNmNjVkNDI1YzEyODYwMzY5YzczNzY3NTUwZDk0OGYzIn0%3D;"

 # Adding a delay
 ffuf -w wordlist.txt -u http://127.0.0.1:8000/api/FUZZ/6 -o output.txt -replay-proxy http://127.0.0.1:8080 –p 1 –t 3

 # Adding a delay (new method)
 ffuf -w wordlist.txt -u http://127.0.0.1:8000/api/FUZZ/6 -o output.txt -replay-proxy http://127.0.0.1:8080 –rate 100

 # Fuzzing 2 values
 ffuf -w wordlist.txt:FUZZ -w actions-lowercase.txt:ME -u http://127.0.0.1:8000/api/FUZZ/ME -o output.txt -replay-proxy http://127.0.0.1:8080 

 # Simple Filter
 ffuf -w wordlist.txt:FUZZ -w actions-lowercase.txt:ME -u http://127.0.0.1:8000/api/FUZZ/ME -o output.txt -replay-proxy http://127.0.0.1:8080 -fw 1

 # Simple Matcher
 ffuf -w wordlist.txt:FUZZ -w actions-lowercase.txt:ME -u http://127.0.0.1:8000/api/FUZZ/ME -o output.txt -replay-proxy http://127.0.0.1:8080 -mc 302

 # Custom Filters
 ffuf -w wordlist.txt:FUZZ -w numbers.txt:ME -u http://127.0.0.1:8000/api/FUZZ/ME -o output.txt -replay-proxy http://127.0.0.1:8080 -fr "not found"

 # Fuzzing Post Data
 ffuf -w wordlist.txt -X POST -d "email=df%40fd.com&issue=dsafd&information=FUZZ" -u http://127.0.0.1:8000/vulnerability -replay-proxy http://127.0.0.1:8080

 # Fuzzing Parameters (POST)
 ffuf -w wordlist.txt -X POST -d "email=df%40fd.com&issue=dsafd&FUZZ=test" -u http://127.0.0.1:8000/vulnerability -replay-proxy http://127.0.0.1:8080

 # Fuzzing Parameters (GET)
 ffuf -w wordlist.txt -u http://127.0.0.1:8000/contact/submit?FUZZ=d%40d.com&issue=df -o output.txt -replay-proxy http://127.0.0.1:8080 

 # Fuzzing JSON Post Data
 ffuf -w wordlist.txt -X "PUT" -u http://127.0.0.1:8000/api/users/6 -H "Content-Type: application/json" -d "{'FUZZ':'test'}" -o output.txt -replay-proxy http://127.0.0.1:8080
	# Basic Usage
	ffuf -w wordlist.txt -u http://127.0.0.1:8000/api/FUZZ/6 -o output.txt -replay-proxy http://127.0.0.1:8080

	# Basic Usage With a Cookie
	ffuf -w wordlist.txt -u http://127.0.0.1:8000/api/FUZZ/6 -o output.txt -replay-proxy http://127.0.0.1:8080 -b "laravel_session=eyJpdiI6Ii8wQU11dTVlUkg2alRHUXBIVzlGSnc9PSIsInZhbHVlIjoiOWs3YllJWTdqNC9xa1pMeFRvMFh0OE1vRFpaWm9GSzFkRktVZS9yUHBDM0lIazZ4K0NsbndxWVIxQ05VZWhqZUZaR0RGQWlFdmdDc24yWllYRklGSXI5STd2b05Pam4yRXIwV1BUWkZhUnFLNUFzOWsycmRHcnlxS0FqRWNsSnEiLCJtYWMiOiI3ZTliMmM2YzIxOTExNDE0NmVjYTYyMGI4Nzg4YzJiYjNmNjVkNDI1YzEyODYwMzY5YzczNzY3NTUwZDk0OGYzIn0%3D;"

	# Adding a delay
	ffuf -w wordlist.txt -u http://127.0.0.1:8000/api/FUZZ/6 -o output.txt -replay-proxy http://127.0.0.1:8080 –p 1 –t 3

	# Adding a delay (new method)
	ffuf -w wordlist.txt -u http://127.0.0.1:8000/api/FUZZ/6 -o output.txt -replay-proxy http://127.0.0.1:8080 –rate 100

	# Fuzzing 2 values
	ffuf -w wordlist.txt:FUZZ -w actions-lowercase.txt:ME -u http://127.0.0.1:8000/api/FUZZ/ME -o output.txt -replay-proxy http://127.0.0.1:8080

	# Simple Filter
	ffuf -w wordlist.txt:FUZZ -w actions-lowercase.txt:ME -u http://127.0.0.1:8000/api/FUZZ/ME -o output.txt -replay-proxy http://127.0.0.1:8080 -fw 1

	# Simple Matcher
	ffuf -w wordlist.txt:FUZZ -w actions-lowercase.txt:ME -u http://127.0.0.1:8000/api/FUZZ/ME -o output.txt -replay-proxy http://127.0.0.1:8080 -mc 302

	# Custom Filters
	ffuf -w wordlist.txt:FUZZ -w numbers.txt:ME -u http://127.0.0.1:8000/api/FUZZ/ME -o output.txt -replay-proxy http://127.0.0.1:8080 -fr "not found"

	# Fuzzing Post Data
	ffuf -w wordlist.txt -X POST -d "email=df%40fd.com&issue=dsafd&information=FUZZ" -u http://127.0.0.1:8000/vulnerability -replay-proxy http://127.0.0.1:8080

	# Fuzzing Parameters (POST)
	ffuf -w wordlist.txt -X POST -d "email=df%40fd.com&issue=dsafd&FUZZ=test" -u http://127.0.0.1:8000/vulnerability -replay-proxy http://127.0.0.1:8080

	# Fuzzing Parameters (GET)
	ffuf -w wordlist.txt -u http://127.0.0.1:8000/contact/submit?FUZZ=d%40d.com&issue=df -o output.txt -replay-proxy http://127.0.0.1:8080

	# Fuzzing JSON Post Data
	ffuf -w wordlist.txt -X "PUT" -u http://127.0.0.1:8000/api/users/6 -H "Content-Type: application/json" -d "{'FUZZ':'test'}" -o output.txt -replay-proxy http://127.0.0.1:8080