FFUF Cheat Sheet
ffuf (Fuzz Faster U Fool) is a high-performance web fuzzer used for content discovery, parameter fuzzing, and API testing. It is a modern alternative to tools like DirBuster and Gobuster.
Basic Directory Fuzzing
ffuf -u http://example.com/FUZZ -w wordlist.txt
Specify Extensions
ffuf -u http://example.com/FUZZ -w wordlist.txt -e .php,.txt,.bak
Filter Responses
Filter by Status Code
ffuf -u http://example.com/FUZZ -w wordlist.txt -fc 404
Filter by Size
ffuf -u http://example.com/FUZZ -w wordlist.txt -fs 4242
Match Responses
Match Status Code
ffuf -u http://example.com/FUZZ -w wordlist.txt -mc 200,301,302
Recursive Scanning
ffuf -u http://example.com/FUZZ -w wordlist.txt -recursion -recursion-depth 2
Recursion requires FUZZ at the very end of the URL. Every result ffuf recognizes as a directory is queued as a new scan, so pair it with filters or the queue fills with false positives.
Virtual Host Fuzzing
ffuf -u http://example.com -H "Host: FUZZ.example.com" -w subdomains.txt
Names that do not exist all return the server's default virtual host, so note that response's size or word count first and drop it with -fs or -fw; otherwise every entry looks like a hit.
Parameter Fuzzing (GET)
ffuf -u "http://example.com/page.php?FUZZ=1" -w params.txt
ffuf -u "http://example.com/page.php?param=FUZZ" -w values.txt
The first form discovers parameter names, the second fuzzes the value of a known parameter. Unknown parameters are usually ignored and return the normal page, so filter on that baseline size (-fs) and look for what changes.
Parameter Fuzzing (POST)
ffuf -u http://example.com/login.php -X POST -d "username=admin&password=FUZZ" -w passwords.txt
Every wrong guess returns the same failed-login response, so filter it by size (-fs) or status (-fc 401) or nothing stands out.
JSON API Fuzzing
ffuf -u http://api.example.com/FUZZ -w endpoints.txt -H "Accept: application/json"
ffuf -u http://api.example.com/login -X POST -H "Content-Type: application/json" -d '{"username":"admin","password":"FUZZ"}' -w passwords.txt
Content-Type only matters when a body is sent; for endpoint enumeration an Accept header is what tells the API to answer as JSON. FUZZ is replaced anywhere it appears, including inside the JSON body.
Delay & Rate Control
ffuf -u http://example.com/FUZZ -w wordlist.txt -rate 50 -p 0.2
Save Results
ffuf -u http://example.com/FUZZ -w wordlist.txt -o results.json -of json
Use Multiple Wordlists
ffuf -u "http://example.com/FUZZ?user=USER" -w paths.txt:FUZZ -w users.txt:USER
The default -mode clusterbomb tries every combination of the two lists; -mode pitchfork walks both lists in step (line 1 with line 1, line 2 with line 2), which is the right choice for paired username/password lists.
Typical Workflow
ffuf -u http://target/FUZZ -w common.txt
- Analyze responses: requests for paths that do not exist should all share one status, size, word count and line count
- Adjust filters (-fc, -fs, -fw, -fl) to drop that catch-all response, or pass -ac to let ffuf calibrate them from a few random paths
- Re-run with deeper wordlists and extensions (-e)
Common Issues
Too many false positives
- Filter on the catch-all response's size (-fs), word count (-fw) or line count (-fl); -ac derives these automatically
- Compare against a baseline: request a path that cannot exist and note its status and size before trusting any hit
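The "analyze responses, adjust filters" step of the workflow above can be done over the file that -o results.json -of json writes. The script below is an added example, not part of ffuf: the field names (commandline, results, input, status, length, words, lines, url) follow ffuf's JSON output, but the sample values are constructed. It finds the response signature that most of the wordlist produced, prefers -fs, falls back to -fw or -fl when the page echoes the requested path and its size drifts, lists what survives, and prints the command to re-run.

```python
"""Triage ffuf JSON output: spot the catch-all response and derive the filter for a re-run."""
import json
from collections import Counter

# Constructed sample in the shape ffuf writes with `-o results.json -of json`
# (top-level "commandline" and a "results" list; the values are made up).
# Five entries are a soft-404 page that echoes the requested path, so its
# length drifts by a few bytes while its word count stays at 210; the other
# four entries are real hits that should survive filtering.
SAMPLE_RESULTS_JSON = json.dumps({
    "commandline": "ffuf -u http://target/FUZZ -w common.txt -o results.json -of json",
    "results": [
        {"input": {"FUZZ": "admin"},      "status": 200, "length": 1503, "words": 210, "lines": 40, "url": "http://target/admin"},
        {"input": {"FUZZ": "api"},        "status": 301, "length": 0,    "words": 1,   "lines": 1,  "url": "http://target/api"},
        {"input": {"FUZZ": "backup"},     "status": 200, "length": 1504, "words": 210, "lines": 40, "url": "http://target/backup"},
        {"input": {"FUZZ": "config"},     "status": 200, "length": 1504, "words": 210, "lines": 40, "url": "http://target/config"},
        {"input": {"FUZZ": ".git"},       "status": 403, "length": 153,  "words": 10,  "lines": 5,  "url": "http://target/.git"},
        {"input": {"FUZZ": "login"},      "status": 200, "length": 1830, "words": 240, "lines": 60, "url": "http://target/login"},
        {"input": {"FUZZ": "old"},        "status": 200, "length": 1501, "words": 210, "lines": 40, "url": "http://target/old"},
        {"input": {"FUZZ": "robots.txt"}, "status": 200, "length": 42,   "words": 6,   "lines": 3,  "url": "http://target/robots.txt"},
        {"input": {"FUZZ": "test"},       "status": 200, "length": 1502, "words": 210, "lines": 40, "url": "http://target/test"},
    ],
})

# ffuf filter flag for each response dimension, in the order they are tried.
FILTER_FLAGS = (("length", "-fs"), ("words", "-fw"), ("lines", "-fl"))
FIELD_FOR_FLAG = {flag: field for field, flag in FILTER_FLAGS}


def load_results(text):
    """Return the "results" list from ffuf JSON output."""
    return json.loads(text)["results"]


def catch_all_filter(results, min_share=0.5):
    """Return (flag, value) for the filter that removes the catch-all response,
    or None when no single size, word count or line count dominates.

    Size is tried first because it is the most specific; words and lines come
    next because a soft-404 page that embeds the requested path changes size on
    every request but keeps the same word and line counts.
    """
    if not results:
        return None
    for field, flag in FILTER_FLAGS:
        value, count = Counter(r[field] for r in results).most_common(1)[0]
        if count / len(results) >= min_share:
            return flag, value
    return None


def apply_filter(results, flt):
    """Drop the results the suggested flag would filter, keeping input order."""
    if flt is None:
        return list(results)
    field = FIELD_FOR_FLAG[flt[0]]
    return [r for r in results if r[field] != flt[1]]


def rerun_command(commandline, flt):
    """Stored command line plus the derived filter, or plus -ac (auto-calibration)
    when no stable dimension was found."""
    if flt is None:
        return commandline + " -ac"
    return f"{commandline} {flt[0]} {flt[1]}"


def triage(text, min_share=0.5):
    """One pass over a results file: (filter, surviving hits, re-run command)."""
    data = json.loads(text)
    flt = catch_all_filter(data["results"], min_share)
    return flt, apply_filter(data["results"], flt), rerun_command(data["commandline"], flt)


if __name__ == "__main__":
    flt, hits, cmd = triage(SAMPLE_RESULTS_JSON)
    print("catch-all filter:", " ".join(map(str, flt)) if flt else "none (use -ac)")
    for r in hits:
        print(f"{r['status']:>4} {r['length']:>6} {r['words']:>5} {r['url']}")
    print("re-run:", cmd)
```

To use it on a real run, pass the contents of results.json to triage(). Only one filter flag is emitted on purpose: ffuf combines several -f flags with OR by default (-fmode), so adding -fs and -fw together drops anything that matches either and can hide real hits.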
Blocked by WAF
- Lower the request rate (-rate), add a delay (-p) and reduce threads (-t)
- Set a realistic User-Agent with -H "User-Agent: ..."; ffuf's default identifies itself as Fuzz Faster U Fool and is easy to block
Related Tools
- Gobuster
- DirBuster
- wfuzz
- Burp Suite
Use Cases
- Directory discovery
- API endpoint enumeration
- Parameter fuzzing
- Web pentesting automation
Legal Notice
Danger: Use ffuf only on authorized targets.