FFUF (Fuzz Faster U Fool) Quick Reference
==========================================

BASIC USAGE
  ffuf -w wordlist.txt -u http://target/FUZZ

DIRECTORY FUZZING
  ffuf -w /usr/share/wordlists/dirb/common.txt \
       -u http://target/FUZZ

  ffuf -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt \
       -u http://target/FUZZ

FILE FUZZING
  ffuf -w wordlist.txt -u http://target/FUZZ.php
  ffuf -w wordlist.txt -u http://target/FUZZ -e .php,.html,.txt,.bak

PARAMETER FUZZING
  ffuf -w params.txt -u "http://target/page?FUZZ=test"
  ffuf -w values.txt -u "http://target/page?param=FUZZ"

POST DATA FUZZING
  ffuf -w wordlist.txt -u http://target/login \
       -X POST -d "user=admin&password=FUZZ" \
       -H "Content-Type: application/x-www-form-urlencoded"

HEADER FUZZING
  ffuf -w wordlist.txt -u http://target/ \
       -H "X-Custom-Header: FUZZ"

SUBDOMAIN FUZZING
  ffuf -w subdomains.txt -u http://FUZZ.target.com
  ffuf -w subdomains.txt -u http://target.com \
       -H "Host: FUZZ.target.com"

VHOST FUZZING
  ffuf -w vhosts.txt -u http://target.com \
       -H "Host: FUZZ" -fs 4242

FILTERING
  -fc 404              Filter by status code
  -fc 404,403          Multiple codes
  -fs 4242             Filter by response size
  -fw 12               Filter by word count
  -fl 5                Filter by line count
  -fr "Not Found"      Filter by regex
  -mc 200              Match only status 200
  -ms 1234             Match by size

OPTIONS
  -t 50                Threads (default 40)
  -rate 100            Requests per second limit
  -timeout 5           Timeout in seconds
  -r                   Follow redirects
  -c                   Colorize output
  -o output.json       Save output
  -of json             Output format
  -v                   Verbose
  -s                   Silent (only results)

RECURSIVE
  ffuf -w wordlist.txt -u http://target/FUZZ \
       -recursion -recursion-depth 2

MULTIPLE WORDLISTS
  ffuf -w users.txt:USER -w passes.txt:PASS \
       -u http://target/login \
       -X POST -d "user=USER&pass=PASS" \
       -mode clusterbomb

MODES
  clusterbomb          All combinations (default for multi)
  pitchfork            Paired (line by line)
