Finding Subdomain Using FFUF Tool
Today I will show you how to find subdomain using ffuf kali linux tool.
Let me introduce myself, I am Muhammad Shakib, a free time bug hunter.
We already know we can find subdomain using so many different tools like:
- subfinder
- amass
- sublist3r
- findomain
- assetfinder
and so on…
But today our main goal is using ffuf but HOW? let’s jump to it.
Require Tools
- Burp Suite [ for intercept the root request of a DOMAIN].
- make sure ffuf installed in your machine.
At first open your burp suite and open the default browser.
type your targeted domain for my case : https:www.condersfoundation.com
then intercept the request and copy all request into a file with .txt
here type FUZZ in the host: header where you want to fuzz and save it.
For now i create a simple wordlist but you can use your own wordlist.
Now it’s time to make a simple fuzzing with ffuf
ffuf -request req.txt -w words.txt
I found only two subdomain with 403, 301 code.
Tips: for first sub-domain like 403 status code you can try to bypass it
There so many tool are in GitHub for bypass 403
Thanks for reading my blog..
Note: this is write up only for educational purpose….
See you in the next write up
