# Fuzzing

## Directory Bruteforce

### Dirsearch Wordlist

{% code overflow="wrap" %}

```bash
# Nonrecursive (Preferred)
feroxbuster -u http://example.com -w /usr/share/seclists/Discovery/Web-Content/dirsearch.txt -n
```

{% endcode %}

## Virtual Hosts

* **Gobuster**

{% code overflow="wrap" %}

```bash
gobuster vhost -u http://www.example.com -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt --append-domain -t 50 -r
```

{% endcode %}

* **FFUF**

{% code overflow="wrap" %}

```bash
ffuf -H "Host: FUZZ.example.com" -c -w "/usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt" -u http://example.com -mc all
```

{% endcode %}

* **WFUZZ**

{% code overflow="wrap" %}

```bash
wfuzz -c -f subdomains.txt -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt -u "http://example.com/" -H "Host: FUZZ.example.com"
```

{% endcode %}

## API Fuzzing

{% code overflow="wrap" %}

```bash
# feroxbuster has no FUZZ keyword: it appends each wordlist entry to the URL given with -u,
# so a literal /FUZZ in the URL would just become a directory name. Point -u at the base path.
feroxbuster -u http://example.com/ -w /usr/share/seclists/Discovery/Web-Content/api/api-endpoints.txt -m GET,POST,PUT
```

{% endcode %}

* Useful wordlists

```
/usr/share/seclists/Discovery/Web-Content/raft-medium-directories.txt
/usr/share/seclists/Discovery/Web-Content/api/*
```
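The three sections above all produce the same kind of server-side footprint: one client sending many requests that mostly 404, many distinct `Host` headers, or several HTTP methods against the same path. The script below is an added example written for this page (not code from the cheat sheet or from any of the tools it lists) that flags those patterns in access logs. It assumes Apache "combined" format with the request's `Host` header appended as a last field (`LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %{Host}i"`); the log lines, IP addresses and thresholds are constructed for the demo.

```python
"""Flag directory, virtual-host and API fuzzing in web-server access logs.

Added example, not part of the original page. Assumes Apache combined
format with the Host header appended as a final field; adjust LOG_RE
for any other format. Thresholds are placeholders to tune per site.
"""
import re
from collections import defaultdict

LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)" (?P<host>\S+)'
)

# Heuristic thresholds (assumed values; tune to the site's normal traffic).
MIN_REQUESTS = 20          # ignore sources with fewer requests than this
NOT_FOUND_RATIO = 0.8      # share of 404s that suggests path guessing
MIN_DISTINCT_HOSTS = 10    # distinct Host headers from one IP
MIN_METHODS_PER_PATH = 3   # GET/POST/PUT... against the same path
TOOL_UA_MARKERS = ("feroxbuster", "gobuster", "ffuf", "wfuzz", "dirsearch")


def parse_line(line):
    """Return a dict of fields for one log line, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def aggregate(lines):
    """Build the per-client counters the detection rules need."""
    stats = defaultdict(lambda: {"total": 0, "not_found": 0, "hosts": set(),
                                 "methods_by_path": defaultdict(set), "tool_ua": False})
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        s = stats[rec["ip"]]
        s["total"] += 1
        if rec["status"] == 404:
            s["not_found"] += 1
        s["hosts"].add(rec["host"].lower())
        s["methods_by_path"][rec["path"]].add(rec["method"])
        if any(marker in rec["ua"].lower() for marker in TOOL_UA_MARKERS):
            s["tool_ua"] = True
    return stats


def detect(lines):
    """Return {client_ip: [finding, ...]} for clients that trip any rule."""
    findings = defaultdict(list)
    for ip, s in aggregate(lines).items():
        if s["tool_ua"]:
            findings[ip].append("fuzzing tool User-Agent")
        if s["total"] >= MIN_REQUESTS and s["not_found"] / s["total"] >= NOT_FOUND_RATIO:
            findings[ip].append("directory brute force (%d/%d 404s)" % (s["not_found"], s["total"]))
        if len(s["hosts"]) >= MIN_DISTINCT_HOSTS:
            findings[ip].append("vhost fuzzing (%d distinct Host headers)" % len(s["hosts"]))
        multi = [p for p, ms in s["methods_by_path"].items() if len(ms) >= MIN_METHODS_PER_PATH]
        if multi:
            findings[ip].append("API method fuzzing on %d path(s)" % len(multi))
    return dict(findings)


def _line(ip, method, path, status, ua, host):
    return ('%s - - [10/Oct/2023:13:55:36 +0000] "%s %s HTTP/1.1" %d 196 "-" "%s" %s'
            % (ip, method, path, status, ua, host))


def sample_log():
    """Constructed access log: three noisy clients plus one ordinary browser."""
    lines = []
    # 24 guessed paths, 22 of them 404, from a client announcing a fuzzing tool
    for i in range(24):
        status = 200 if i < 2 else 404
        lines.append(_line("203.0.113.5", "GET", "/dir%d" % i, status,
                           "feroxbuster/2.10.0", "www.example.com"))
    # a dozen distinct Host headers from one client (virtual-host enumeration)
    for i in range(12):
        lines.append(_line("198.51.100.7", "GET", "/", 200, "Mozilla/5.0", "sub%d.example.com" % i))
    # the same API path probed with several methods
    for method in ("GET", "POST", "PUT"):
        lines.append(_line("192.0.2.9", method, "/api/users", 405,
                           "python-requests/2.31", "api.example.com"))
    # ordinary browsing that should not be flagged
    for path in ("/", "/about", "/contact"):
        lines.append(_line("10.0.0.1", "GET", path, 200, "Mozilla/5.0 (X11)", "www.example.com"))
    return lines


if __name__ == "__main__":
    for ip, reasons in detect(sample_log()).items():
        print(ip, "->", "; ".join(reasons))
```

Run against a real log with `detect(open("access.log").read().splitlines())`. The User-Agent rule is the cheapest to evade, so the volume-based rules carry the weight; the 404-ratio rule assumes the site does not legitimately serve large numbers of missing resources, so raise `NOT_FOUND_RATIO` or whitelist known crawlers if it fires on normal traffic.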
