{"id":24200157,"url":"https://github.com/vulnpire/wayfuzz","last_synced_at":"2026-05-10T18:48:15.221Z","repository":{"id":253281047,"uuid":"843030188","full_name":"Vulnpire/wayfuzz","owner":"Vulnpire","description":"Generate concise and targeted wordlists from Wayback Machine URLs","archived":false,"fork":false,"pushed_at":"2024-08-15T18:35:40.000Z","size":14,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-13T20:43:23.709Z","etag":null,"topics":["fuzzing","waybackurls","wordlist-generation"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Vulnpire.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-08-15T16:20:34.000Z","updated_at":"2024-11-17T04:23:34.000Z","dependencies_parsed_at":"2024-08-15T18:26:18.011Z","dependency_job_id":"75750020-5737-428d-924b-bd6efaf1699e","html_url":"https://github.com/Vulnpire/wayfuzz","commit_stats":null,"previous_names":["vulnpire/wayfuzz"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Vulnpire%2Fwayfuzz","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Vulnpire%2Fwayfuzz/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Vulnpire%2Fwayfuzz/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Vulnpire%2Fwayfuzz/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Vulnpire","download_url":"https://codeload.github.com/Vulnpire/wayfuzz/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241638885,"owners_count":19995279,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fuzzing","waybackurls","wordlist-generation"],"created_at":"2025-01-13T20:41:19.956Z","updated_at":"2026-05-10T18:48:15.173Z","avatar_url":"https://github.com/Vulnpire.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# wayfuzz\n\nis a fast and efficient tool for creating wordlists from historical URLs fetched via the Wayback Machine. You can use it with tools like ffuf for web fuzzing and other security testing tasks.\n\n## Features\n\n    Concurrency: Make multiple requests simultaneously for faster processing.\n    URL Filtering: Exclude specific URL patterns using regex.\n    Path Separation: Optionally split URL paths into distinct components.\n    Status Code: specify a comma-separated list of status codes (e.g., -mc 200,403).\n\n\n## Installation\n\n`go install -v github.com/Vulnpire/wayfuzz@latest`\n\n## Or build from the source\n\nClone the repo\n\n`git clone https://github.com/Vulnpire/wayfuzz`\n\nAnd build\n\n`go build -o wayfuzz wayfuzz.go`\n\nThis will create an executable named `wayfuzz`.\n\n## Usage\n\nYou can use wayfuzz by piping in a list of domains via `stdin`:\n\n`cat domains.txt | wayfuzz [options]`\n\n## Options\n\n    -c \u003cint\u003e: Set the number of concurrent requests (default: 10).\n    -x \u003cregex\u003e: Exclude URLs matching the regex pattern (e.g., .jpg|.png).\n    -sed: Split the URL paths by / and output each component separately.\n    -mc \u003ccodes\u003e: Filter URLs by status codes (comma-separated list, e.g., 200,403).\n\n## Example Commands\n### Basic Usage\n\nExclude URLs that end in .jpg or .png:\n\n`cat domains.txt | wayfuzz -c 50`\n\nExclude Specific URL Patterns:\n\n`cat domains.txt | wayfuzz -c 50 -x \".jpg|.png\"`\n\nSeparate URL Paths by `/`\n\n`cat domains.txt | wayfuzz -c 50 -sed`\n\nFilter by Status Codes\n\n`cat domains.txt | wayfuzz -c 50 -mc 200,403`\n\n## Using with `ffuf`\n\n`ffuf` is a web fuzzing tool that can be combined with `wayfuzz` for discovering hidden files, directories, and parameters on a web server.\n\n`cat domains.txt | wayfuzz -c 50 | ffuf -u https://target.com/FUZZ -w -`\n\nIf you want to fuzz URL parameters, you can generate a wordlist of all unique URL components:\n\n`cat domains.txt | wayfuzz -c 50 -sed | ffuf -u https://target.com/path?FUZZ=value -w -`\n\n## IP fuzzing\n\nCreating the wordlist:\n\n`echo \"hackerone.com\" | wayfuzz -c 300 -mc 200 -sed -x \".jpg|.png|.jpeg|...\" | anew wordlist.txt`\n\nGetting the IP addresses from Shodan:\n\n`echo \"hackerone.com\" | `[sXtract](http://github.com:443/Vulnpire/sXtract)` | anew ips.txt`\n\nFuzzing the IPs:\n\n`cat ips.txt | xargs -I@ sh -c 'ffuf -w ./wordlist.txt -u @/FUZZ -mc 200 -c -recursion -recursion-depth 5 -ac -t 300'` Or just use Axiom to fuzz quickly.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvulnpire%2Fwayfuzz","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvulnpire%2Fwayfuzz","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvulnpire%2Fwayfuzz/lists"}