
Linux command

wfuzz command

Network

After copying, replace file names, directories, or parameters as needed.

Common examples

Fuzz URL parameter

wfuzz -c -z file,[wordlist.txt] "[http://target/?param=FUZZ]"

Fuzz directory

wfuzz -c -z file,[dirs.txt] "[http://target/FUZZ]"

POST data fuzzing

wfuzz -c -z file,[wordlist.txt] -d "user=admin&pass=FUZZ" "[http://target/login]"

Filter by response code

wfuzz -c --hc 404 -z file,[wordlist.txt] "[http://target/FUZZ]"

Filter by response size

wfuzz -c --hl 0 -z file,[wordlist.txt] "[http://target/FUZZ]"

Multiple fuzz points

wfuzz -c -z file,[users.txt] -z file,[passwords.txt] "[http://target/?u=FUZZ&p=FUZ2Z]"

Description

wfuzz is a web application security testing tool that performs brute-force discovery of directories, parameters, forms, and other injection points. It replaces the FUZZ keyword in URLs, headers, or POST data with entries from wordlists or other payload sources. Multiple injection points can be used simultaneously with FUZ2Z, FUZ3Z markers, allowing combined username and password attacks or multi-parameter fuzzing. Response filtering by status code, line count, word count, or character count hides uninteresting results and highlights anomalies that may indicate vulnerabilities. Payload sources include wordlist files, numeric ranges, and encoded variants. Multi-threading speeds up testing, and colored output makes results easier to scan. The tool is commonly used for directory enumeration, parameter discovery, and authentication testing in authorized security assessments.
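Seen from the server side, the behaviour described above (one source replacing FUZZ with every wordlist entry and collecting the responses) leaves a distinctive pattern in the access log: a burst of requests for many distinct paths or parameter values, most of them answered with 4xx, often carrying the tool's default User-Agent. The following script is an added example, not part of this page or of the wfuzz project, and is written from a defender's point of view: it parses combined-format log lines and flags sources that match that pattern. The log lines, the IP addresses, the thresholds and the "Wfuzz/3.1.0" User-Agent string are constructed for the example; the exact default User-Agent depends on the installed wfuzz version and is trivially overridden with -H, so the script never relies on it alone.

```python
"""Flag wfuzz-style wordlist enumeration in a web server access log.

Added example (defender's side); sample data below is constructed.
"""
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log in Apache/Nginx combined format. The addresses,
# paths and the "Wfuzz/3.1.0" User-Agent are invented for this example.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /admin HTTP/1.1" 404 153 "-" "Wfuzz/3.1.0"
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /backup HTTP/1.1" 404 153 "-" "Wfuzz/3.1.0"
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /config HTTP/1.1" 404 153 "-" "Wfuzz/3.1.0"
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /login HTTP/1.1" 200 1024 "-" "Wfuzz/3.1.0"
203.0.113.7 - - [10/Oct/2023:13:55:38 +0000] "GET /old HTTP/1.1" 404 153 "-" "Wfuzz/3.1.0"
203.0.113.7 - - [10/Oct/2023:13:55:38 +0000] "GET /?id=test HTTP/1.1" 404 153 "-" "Wfuzz/3.1.0"
198.51.100.4 - - [10/Oct/2023:13:55:40 +0000] "GET /index.html HTTP/1.1" 200 2326 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Oct/2023:13:55:41 +0000] "GET /style.css HTTP/1.1" 200 812 "-" "Mozilla/5.0"
"""

# Combined log format: ip ident user [timestamp] "method path proto" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def parse_line(line):
    """Parse one combined-format line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def find_fuzzers(lines, min_requests=5, min_distinct_ratio=0.8,
                 min_error_ratio=0.6, window_seconds=60):
    """Return {ip: summary} for sources whose traffic looks like wordlist fuzzing.

    Two independent signals are combined:
      1. the tool's default User-Agent (weak: easily changed with -H);
      2. many distinct paths, mostly answered with 4xx, inside a short window
         (the shape any FUZZ-substitution run produces, whatever the UA says).
    Thresholds are example values; tune them to the site's normal traffic.
    """
    per_ip = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec:
            per_ip[rec["ip"]].append(rec)

    findings = {}
    for ip, recs in per_ip.items():
        recs.sort(key=lambda r: r["ts"])
        reasons = []
        if any("wfuzz" in r["ua"].lower() for r in recs):
            reasons.append("wfuzz user-agent")

        # For brevity the whole set is treated as one window; a production
        # detector would slide a window over the sorted timestamps.
        span = (recs[-1]["ts"] - recs[0]["ts"]).total_seconds()
        distinct = len({(r["method"], r["path"]) for r in recs})
        errors = sum(1 for r in recs if 400 <= r["status"] < 500)
        if (len(recs) >= min_requests and span <= window_seconds
                and distinct / len(recs) >= min_distinct_ratio
                and errors / len(recs) >= min_error_ratio):
            reasons.append("burst of distinct paths with 4xx responses")

        if reasons:
            findings[ip] = {
                "requests": len(recs),
                "distinct_paths": distinct,
                "error_ratio": round(errors / len(recs), 2),
                "span_seconds": span,
                "reasons": reasons,
            }
    return findings


if __name__ == "__main__":
    for ip, summary in find_fuzzers(SAMPLE_LOG.splitlines()).items():
        print(ip, summary)
```

Run against the constructed sample, 203.0.113.7 is reported on both signals (six distinct requests in two seconds, five of them 404) while 198.51.100.4 is not. Note that the `--hc`/`--hl`/`--hw`/`--hh` filters on the wfuzz side only change what the operator sees; every request still reaches the server, so the second signal survives even when the first is suppressed with a custom `-H "User-Agent: ..."`.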

Parameters

-z _TYPE,DATA_
Payload specification.
-c
Color output.
--hc _CODES_
Hide response codes.
--hl _LINES_
Hide by line count.
--hw _WORDS_
Hide by word count.
--hh _CHARS_
Hide by char count.
-d _DATA_
POST data.
-H _HEADER_
HTTP header.
-t _N_
Threads.

FAQ

What is the wfuzz command used for?

wfuzz is a web application security testing tool that performs brute-force discovery of directories, parameters, forms, and other injection points. It replaces the FUZZ keyword in URLs, headers, or POST data with entries from wordlists or other payload sources. Multiple injection points can be used simultaneously with FUZ2Z, FUZ3Z markers, allowing combined username and password attacks or multi-parameter fuzzing. Response filtering by status code, line count, word count, or character count hides uninteresting results and highlights anomalies that may indicate vulnerabilities. Payload sources include wordlist files, numeric ranges, and encoded variants. Multi-threading speeds up testing, and colored output makes results easier to scan. The tool is commonly used for directory enumeration, parameter discovery, and authentication testing in authorized security assessments.

How do I run a basic wfuzz example?

Run `wfuzz -c -z file,[wordlist.txt] "[http://target/?param=FUZZ]"` in a terminal, then adjust file names, paths, flags, or remote targets for your system.

What does -z _TYPE,DATA_ do in wfuzz?

Payload specification.