Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/reewardius/bbfuzzing.txt
Last synced: 3 months ago
- Host: GitHub
- URL: https://github.com/reewardius/bbfuzzing.txt
- Owner: reewardius
- Created: 2023-01-30T08:46:35.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2024-04-11T00:08:55.000Z (7 months ago)
- Last Synced: 2024-07-31T14:18:05.811Z (3 months ago)
- Size: 9.17 MB
- Stars: 256
- Watchers: 8
- Forks: 55
- Open Issues: 0
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-ChatGPT-repositories - bbFuzzing.txt - A unique vocabulary that is 70% generated with OpenAI ChatGPT. The remaining 30% is a compilation of dictionaries from bo0om, circuit and other bugbounters. #chatgpt (Openai)
README
# bbFuzzing.txt
**bbFuzzing.txt** is a unique vocabulary that is 90% generated with OpenAI ChatGPT.
Below are links to tools that allow you to bypass 401/403 status code.
Tools for 403/401 bypass
1. [bypassfuzzer](https://github.com/intrudir/BypassFuzzer) by @intrudir
2. [bypass-url-parser](https://github.com/laluka/bypass-url-parser) by @TheLaluka
3. [dontgo403](https://github.com/devploit/dontgo403) by @devploit
4. [nomore403](https://github.com/devploit/nomore403) by @devploit

There are also examples of how you can extend the fuzzing process to get more interesting results (proxy-level misconfigurations, temporary files, etc.).

# Nuclei

Before launching, it is recommended to check all domains with `-id waf-detect` and exclude domains that are hidden behind a WAF (**nginxgeneric** and **apachegeneric** indicate that a WAF is missing).
```
nuclei -l subs -id waf-detect -silent -o waf
nuclei -l nowaf -t bbfuzzing.yaml -silent -rl 500 -c 100
```
It does not work perfectly: the search is aimed exclusively at finding response bodies that contain no HTML, and it runs only until the first finding. If there is a finding, it is recommended to run ffuf on that domain as a separate stream.

# Ffuf
```
> ffuf -u 'target.com/FUZZ' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ' -H "Host: 127.0.0.1" -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ' -H "Host: localhost" -w bbFuzzing.txt

> ffuf -u 'target.com/FUZZ.example' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ.sample' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ.template' -w bbFuzzing.txt

> ffuf -u 'target.com/FUZZ/' -w bbFuzzing.txt
> ffuf -u 'target.com/%3B/FUZZ/' -w bbFuzzing.txt
> ffuf -u 'target.com/..%3B/FUZZ/' -w bbFuzzing.txt

> ffuf -u 'target.com/FUZZ..%2f' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ%09' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ%23' -w bbFuzzing.txt

> ffuf -u 'target.com/FUZZ..%00' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ;%09' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ;%09..' -w bbFuzzing.txt

> ffuf -u 'target.com/FUZZ;%09..;' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ;%2f..' -w bbFuzzing.txt
> ffuf -u 'target.com/.FUZZ' -w bbFuzzing.txt

> ffuf -u 'target.com/%0AFUZZ' -w bbFuzzing.txt
> ffuf -u 'target.com/%0D%0AFUZZ' -w bbFuzzing.txt
> ffuf -u 'target.com/%0DFUZZ' -w bbFuzzing.txt

> ffuf -u 'target.com/%2e/FUZZ/' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ%20' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ%2520' -w bbFuzzing.txt

> ffuf -u 'target.com/%u002e%u002e/%u002e%u002e/FUZZ' -w bbFuzzing.txt
> ffuf -u 'target.com/%2e%2e%2f/FUZZ/' -w bbFuzzing.txt
> ffuf -u 'target.com/%2EFUZZ' -w bbFuzzing.txt

> ffuf -u 'target.com/FUZZ.old' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ?.css' -w fuzzing.txt
> ffuf -u 'target.com/FUZZ?.js' -w fuzzing.txt

> ffuf -u 'target.com/_FUZZ' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ_' -w bbFuzzing.txt
> ffuf -u 'target.com/_FUZZ_' -w bbFuzzing.txt

> ffuf -u 'target.com/..;/FUZZ/' -w bbFuzzing.txt
> ffuf -u 'target.com/..;/..;/FUZZ/' -w bbFuzzing.txt
> ffuf -u 'target.com/../FUZZ' -w bbFuzzing.txt

> ffuf -u 'target.com/-FUZZ' -w bbFuzzing.txt
> ffuf -u 'target.com/~FUZZ' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ..;/' -w bbFuzzing.txt

> ffuf -u 'target.com/FUZZ;/' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ#' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ/~' -w bbFuzzing.txt

> ffuf -u 'target.com/!FUZZ' -w bbFuzzing.txt
> ffuf -u 'target.com/#/FUZZ/' -w bbFuzzing.txt
> ffuf -u 'target.com/-/FUZZ/' -w bbFuzzing.txt

> ffuf -u 'target.com/FUZZ~' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ/.git/config' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ/.env' -w bbFuzzing.txt

> ffuf -u 'target.com/FUZZ.' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ/*' -w bbFuzzing.txt
> ffuf -u 'target.com/FUZZ/?' -w bbFuzzing.txt

> ffuf -u 'target.com/FUZZ' -recursive -w fuzzing.txt
> ffuf -u 'target.com/FUZZ' -recursive -w fuzzing.txt -e .asp,.aspx,.ashx,.ash,.jsp,.jspx,.php,.js,.dll,.json,.bak,.bkp,.conf,.txt,.py,.zip,.tar.gz,.tar,.7z,.old
```

Special cases (cookieless) - IIS + ASP:

```
> ffuf -u 'target.com/(A(ABCD))/FUZZ'
> ffuf -u 'target.com/(ABCD)/FUZZ'
> ffuf -u 'target.com/(A(XXXXXXXX)F(YYYYYYYY))/FUZZ'
> ffuf -u 'target.com/FUZZ/(S(X))/'
> ffuf -u 'target.com/bin::$INDEX_ALLOCATION/FUZZ'
> ffuf -u 'target.com/bin::$INDEX_ALLOCATION/FUZZ.dll'
> ffuf -u 'target.com/bin::$INDEX_ALLOCATION/FUZZ' -e .asp,.aspx,.ashx,.ash,.dll
```
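
A defender's view of the URL shapes above, as an added example that is not part of the original README: a Python script that tags access-log requests by probe family and singles out probe-shaped requests that were answered with a 2xx status. The family names, the regexes and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# (family, regex, match_on_decoded_path); families mirror the URL shapes listed above.
RULES = [
    ("path-parameter", re.compile(r";"), True),
    ("encoded-control-char", re.compile(r"%(?:00|09|0a|0d)", re.I), False),
    ("encoded-dot-slash", re.compile(r"%(?:2e|2f|u002e|25[0-9a-f]{2})", re.I), False),
    ("iis-cookieless", re.compile(r"/\((?:[A-Z]\([^()/]*\)|[^()/])+\)(?:/|$)"), True),
    ("ntfs-stream", re.compile(r"::\$INDEX_ALLOCATION", re.I), True),
    ("backup-or-template", re.compile(r"(?:\.(?:old|bak|bkp|example|sample|template)|~)$", re.I), True),
    ("vcs-or-env", re.compile(r"/\.(?:git/config|env)$"), True),
]
LOG = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) [^"]*" (\d{3}) ')

def classify(target):
    """Return the probe families a request target matches (query string ignored)."""
    raw = target.split("?", 1)[0]
    decoded = unquote(raw)  # one decoding pass, as a proxy or app server would apply
    return [name for name, rx, on_decoded in RULES
            if rx.search(decoded if on_decoded else raw)]

def scan(lines):
    """Per client IP: count of probe-shaped requests and those answered with 2xx."""
    report = defaultdict(lambda: {"probes": 0, "served": []})
    for line in lines:
        m = LOG.match(line)
        if not m:
            continue
        ip, target, status = m.group(1), m.group(2), int(m.group(3))
        families = classify(target)
        if families:
            report[ip]["probes"] += 1
            if 200 <= status < 300:  # probe-shaped URL that returned content: triage first
                report[ip]["served"].append((target, families))
    return dict(report)

# Constructed sample access-log lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [01/Jan/2025:10:00:00 +0000] "GET /admin HTTP/1.1" 403 153',
    '203.0.113.7 - - [01/Jan/2025:10:00:01 +0000] "GET /..%3B/admin/ HTTP/1.1" 200 5120',
    '203.0.113.7 - - [01/Jan/2025:10:00:02 +0000] "GET /admin%09 HTTP/1.1" 403 153',
    '203.0.113.7 - - [01/Jan/2025:10:00:03 +0000] "GET /(A(ABCD))/admin HTTP/1.1" 404 0',
    '198.51.100.20 - - [01/Jan/2025:10:05:00 +0000] "GET /index.php.old HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    print(scan(SAMPLE))
```

Legitimate `;jsessionid=` URLs also match the `path-parameter` rule, so that rule needs an allow-list on Java applications.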
5. [pathbuster](https://github.com/ethicalhackingplayground/pathbuster) by @ethicalhackingplayground
```
> pathbuster --urls crawls.txt --payloads traversals.txt --wordlist wordlist.txt -o output.txt
```
![image](https://github.com/reewardius/bbFuzzing.txt/assets/68978608/538999ff-3bac-4291-a347-e701cc1f21d5)
![image](https://github.com/reewardius/bbFuzzing.txt/assets/68978608/88c5c7d7-93e5-471e-8806-9c565207d3fa)

6. [TProxer](https://github.com/ethicalhackingplayground/TProxer) - Burp Suite extension made to automate the process of finding reverse proxy path based SSRF by @ethicalhackingplayground
![image](https://github.com/reewardius/bbFuzzing.txt/assets/68978608/be1496fe-8cc2-4494-867d-dcb46a13b113)
![image](https://github.com/reewardius/bbFuzzing.txt/assets/68978608/5df4ce2b-644b-4ed2-a9d9-1c4112f59a91)