Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/thelikes/fuzznav

parse ffuf & map endpoints to wordlists
https://github.com/thelikes/fuzznav

bugbounty directory-fuzzing discovered-endpoints ffuf hacking multiple-wordlists offensive-security pentesting

Last synced: 21 days ago
JSON representation

parse ffuf & map endpoints to wordlists

Host: GitHub
URL: https://github.com/thelikes/fuzznav
Owner: thelikes
Created: 2019-09-13T02:48:08.000Z (about 5 years ago)
Default Branch: master
Last Pushed: 2021-02-25T14:56:07.000Z (almost 4 years ago)
Last Synced: 2024-08-05T17:30:52.384Z (4 months ago)
Topics: bugbounty, directory-fuzzing, discovered-endpoints, ffuf, hacking, multiple-wordlists, offensive-security, pentesting
Language: Go
Homepage:
Size: 4.51 MB
Stars: 19
Watchers: 2
Forks: 4
Open Issues: 1
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-hacking-lists - thelikes/fuzznav - parse ffuf & map endpoints to wordlists (Go)

README

# fuzznav

A utility for parsing and visualizing the web server endpoints discovered with ffuf and the wordlists used against each target.

## Features
* Parse many, many ffuf files at once
* Show target FUZZ endpoints
* Show discovered endpoints
* Pretty print - full URIs, color, status, size, words, & lines

## Install

```
$ GO111MODULE=on go get -u -v github.com/thelikes/fuzznav
```

## Run

Use shell commands (`find`, `ls`, etc) to list ffuf JSON files and pipe the
output to `fuzznav`. Throw `e` or `t` for endpoints and targets, respectively.

**TIP** Use the firefox addon [Open Multiple
URLs](https://addons.mozilla.org/en-US/firefox/addon/open-multiple-urls/), or
similar, to pop a list of results into the browser quickly.

### Basics

Print found endpoints:

```
$ ls
ffuf-example.com.json
ffuf-examplecorporate.com.json
ffuf-admin.example.com.json

# print all endpoints found for "example.com"
$ ls | grep example.com | fuzznav
http://example.com/.hta [Status: 403, Size: 274, Words: 20, Lines: 10]
http://example.com/admin [Status: 301, Size: 306, Words: 20, Lines: 10]
http://example.com/doc [Status: 301, Size: 304, Words: 20, Lines: 10]
http://example.com/index.html [Status: 200, Size: 94, Words: 2, Lines: 9]
```

Print fuzzed targets:

```
$ ls
ffuf-victim.com.json
ffuf-victim.com-admin.json

# print all FUZZ targets
$ ls | grep victim.com | fuzznav targs
http://example.com/admin/FUZZ common.txt
http://example.com/FUZZ common.txt,raft-small-files.txt
```

## Background
This tool's aim is to aid in the mapping of fuzzing efforts. Instead of keeping a mental representation of what endpoints were fuzzed with what wordlists, this tool will make it easy to visualize where a server has been fuzzed and with what. Additionally, as ffuf (helpfully) stores a lot of data about discovered results and scanning in general, it can be cumbersome to get just what you need from the resulting json - fuzznav makes it simple to extract and parse.

## To Do

### General
- [x] integreate [cobra](https://github.com/spf13/cobra)

### Endpoints
- [x] color
- [ ] filters
- [ ] show file found in
- [ ] tree view

example.com/
/login
/user
/admin
/manage
/upload

### Targets
- [ ] handle extensions
- [ ] handle multi custerbomb

### Stats
- [ ] no. of requests (ffuf provide?)
- [ ] no. of sessions (ffuf provide?)
- [ ] scanning time (ffuf provide?)
- [ ] endpoints discovered

## Thanks
Special thanks to [joohoi](https://twitter.com/joohoi) for such an amazing tool.