{"id":13292272,"url":"https://github.com/xvolume/fuzzmap","last_synced_at":"2025-03-10T07:32:54.093Z","repository":{"id":50167633,"uuid":"270746273","full_name":"xvolume/fuzzmap","owner":"xvolume","description":"Light, fast fuzz.","archived":false,"fork":false,"pushed_at":"2021-06-02T02:04:33.000Z","size":96,"stargazers_count":1,"open_issues_count":1,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2023-02-23T12:33:25.339Z","etag":null,"topics":["bugbounty","fuzz","fuzzing","pentesting","recon"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/xvolume.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-06-08T16:43:32.000Z","updated_at":"2021-01-17T17:56:45.000Z","dependencies_parsed_at":"2022-09-06T11:41:46.735Z","dependency_job_id":null,"html_url":"https://github.com/xvolume/fuzzmap","commit_stats":null,"previous_names":[],"tags_count":null,"template":null,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xvolume%2Ffuzzmap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xvolume%2Ffuzzmap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xvolume%2Ffuzzmap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xvolume%2Ffuzzmap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/xvolume","download_url":"https://codeload.github.com/xvolume/fuzzmap/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":242811863,"owners_count":20189142,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bugbounty","fuzz","fuzzing","pentesting","recon"],"created_at":"2024-07-29T17:07:40.527Z","updated_at":"2025-03-10T07:32:54.081Z","avatar_url":"https://github.com/xvolume.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# FUZZmap\n\n```\n __ ___________ ____________\n ) __ ___ ____/_ / / /__ /__ /__________________\n /( ) ___ /_ __ / / /__ /__ /__ \\ __ ` __ \\\n ( )( ) ) _ __/ / /_/ /__ /__ /__ / / / /_/ / /_/ /\n ( \\( ( )/ )___ /_/ ___\\____/ /____/____/_/_/_/\\__,_/ .___/\n __/\n```\n\n\n## Installation\n```\ngit clone https://github.com/xvolume/fuzzmap.git\ncd fuzzmap/\nchmod +x fuzzmap.py\npip install -r requirements.txt\nln -s /path/to/fuzzmap/fuzzmap.py ~/.local/bin/fuzzmap\n```\n## Usage\n**Finding directories**\n```\nfuzzmap -u https://example.com/FUZZ -w dirs.txt --output output.json\n```\n**Discovering subdomains**\n```\nfuzzmap -u https://FUZZ.example.com -w subdomains.txt --match-code all\n```\n**Fuzzing params**\n```\nfuzzmap -u https://example.com/?q=FUZZ -w wordlist.txt --mc 200,301,302\n```\n```\nfuzzmap -u https://example.com -w wl.txt -m POST -H '{\"Cookie\": \"Q29va2llCg==\"}' -d 'user=FUZZ'\n```\n**Parsing output**\n```\nfuzzmap --parse output.json\n```\n```\nfuzzmap --parse output.json --match-code 200\n```\n## Help\n\n```\n __________________________________________________________\n | | |\n | -u --url | Target URL (required) ! |\n | -w --wordlist | Path to wordlist (required) ! |\n | | |\n | -t --threads | Number of threads (def. 40) |\n | -s --delay | Delay between requests (ex. 0.1) |\n | | |\n | -p --payload | Payload string (goes after FUZZ) |\n | - --headers | Set request header (JSON format) |\n | -d --data | Set request data |\n | -m --method | Set request method (def. GET) |\n | | |\n | --mc --match-code | Match status code. Set 'all' to |\n | | match all codes. |\n | --ic --ignore-code | Ignore status code |\n | | |\n | --ml --match-len | Match response length or range |\n | | |\n | --il --ignore-len | Ignore response length or range |\n | | |\n | --mw --match-words | Match resp. words count or range |\n | | |\n | --iw --ignore-words | Ignore resp. words count or range |\n | | |\n | --mli --match-lines | Match resp. lines count or range |\n | | |\n | --ili --ignore-lines| Ignore resp. lines count or range |\n | | ex. |\n | | --mc all --iw 110,124 --il 0-100 |\n | | |\n | --parse | Parse output file. You can use it |\n | | with --match-code. |\n | | ex. --parse result.json |\n | | |\n | -o --output | Write output to file (JSON) |\n | -h --help | Show this help message |\n |_____________________|____________________________________|\n\n```\n\n## TODO\n\n\n\u003cul\u003e\n \u003cli\u003e Add proxy\u003c/li\u003e\n \u003cli\u003e Base64 support\u003c/li\u003e\n \u003cli\u003e Url list support\u003c/li\u003e\n \u003cli\u003e Raw request support (ex. from Burp)\u003c/li\u003e\n \u003cli\u003e Smart fuzz (based on response size)\u003c/li\u003e\n \u003cli\u003e? Bruteforce by request method if 401\u003c/li\u003e\n\u003c/ul\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxvolume%2Ffuzzmap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fxvolume%2Ffuzzmap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxvolume%2Ffuzzmap/lists"}