URL Fuzzing
gobuster
gobuster dir -u http://example.com/ -w /usr/share/seclists/Discovery/Web-Content/common.txt -s '200,301,302,307,403,500' -e
gobuster dir -u http://example.com/ -x php,txt -w /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt -s '200,301,302,307,403,500' -e
gobuster dir -u http://example.com/ -c 'cookie=value' -w /usr/share/dirb/wordlists/big.txt -s '200,301,302,307,403,500'
wfuzz
wfuzz -c -w /usr/share/wordlists/dirb/big.txt --hc=403,404 -u "http://example.com/FUZZ.php" -t 100
Virtual hosts fuzzing:
# Might be interesting to generate a wordlist from the target with cewl
cewl -d 3 -w words.txt http://example.com
wfuzz -H "HOST: FUZZ.com" -w words.txt -u "http://example.com" --hc 403,404
dirsearch
python3 dirsearch.py -e php -w /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt -f -t 20 -u http://example.com