Suggestion about ffuf
Attack Surface Management Platform | Sn1perSecurity LLC
Brought to you by:
xer0dayz
Menu
▾
▴
#262 Suggestion about ffuf
Originally created by: attacker34
Hi @cyrinux
Sn1per should be made intelligent. Its using same word list for each type of system. As we see in the CMS folder of "SecLists"
https://github.com/danielmiessler/SecLists/tree/master/Discovery/Web-Content/CMS
you can see wordpress,Drupal and other system's separate folders. Then why not telling the Sn1per to use those different .txt files for the respective system.
Like if Sn1per detects that website is using wordpress.. It should pipe it to "wordpress.fuzz.txt" "wp-themes.fuzz.txt" & "wp-plugins.fuzz.txt"
After that Process Sn1per can ask if User wanna use like common medium list or not?
https://github.com/danielmiessler/SecLists/blob/master/Discovery/Web-Content/raft-medium-directories.txt
Thanks !!