Published On May 3, 2023
Fuzz testing or fuzzing is an automated software testing method that injects invalid, malformed, or unexpected inputs into a system to reveal software defects and vulnerabilities. A fuzzing tool injects these inputs into the system and then monitors for exceptions such as crashes or information leakage.
Fuzzing is a very important step in hacking.
It simply means giving random data as input to a target application to see how it responds to each input. The hope is obviously to get the application to misbehave in some way that could lead us to discover a vulnerability.
In this video, we will be talking about web fuzzing, meaning fuzzing websites to discover interesting directories, files, subdomains, and parameters.
We'll use a tool called ffuf, which automates the fuzzing process. Basically, it keeps sending inputs to the application and filters the responses by criteria we choose.
ffuf GitHub: https://github.com/ffuf/ffuf
When it comes to web fuzzing, we usually rely on a good wordlist. One such wordlist collection is SecLists.
SecLists GitHub: https://github.com/danielmiessler/Sec...
Both ffuf and SecLists come pre-installed with Kali Linux.