# Fuzzing / Wordlists

1. <https://twitter.com/Jhaddix/status/1177706552272142337>
   1. <https://twitter.com/NahamSec/status/1177672652011343873>
2. <https://gist.github.com/yassineaboukir/8e12adefbd505ef704674ad6ad48743d>
   1. <https://twitter.com/Yassineaboukir/status/1189813564053180416>
3. <https://twitter.com/soaj1664ashar/status/1189570378961739777>
4. <https://twitter.com/s0md3v/status/1190325611215982592>
5. Param Bruteforce - <https://twitter.com/HusseiN98D/status/1166759438503620610> - Arjun
6. Rustbuster - <https://twitter.com/michael_eder_/status/1166629786711670784>
7. Check Status Codes - <https://github.com/Sy3Omda/dotfiles/blob/master/fetcher.sh>
8. Robots disallowed - <https://github.com/danielmiessler/RobotsDisallowed>
9. Content Discovery - <https://twitter.com/Alra3ees/status/1208502084246671366> (Also downloaded the same)
10. <https://twitter.com/Random_Robbie/status/1221748816308768770>
11. Dirbuster - When you're brute forcing for endpoints, don't forget to add extensions. You can also use this method to discover backup files. Here's a command I use frequently:

    ```
    dirsearch -e php,asp,aspx,jsp,py,txt,conf,config,bak,backup,swp,old,db,sql -u
    ```

    Source: <https://twitter.com/i/status/1221792235215151104>
12. PathBrute - <https://github.com/milo2012/pathbrute>
13. <https://github.com/enciphers/Wordlists>
14. [Content\_discovery\_nullenc0de.txt](https://gist.github.com/nullenc0de/96fb9e934fc16415fbda2f83f08b28e7#file-content_discovery_nullenc0de-txt)
15. <https://github.com/pwnwiki/webappurls>
16. Status codes - hakul/hakcrawl, gofetch, statusparser
17. What are your normal testing steps when you see a 401? - <https://twitter.com/nomanAli181/status/1146411693590736896>
18. <https://twitter.com/payloadartist/status/1240591694753452032>
19. <https://github.com/deibit/cansina> - web content discovery
20. <https://twitter.com/_harleo/status/1138883725675192322>
21. <https://github.com/phspade/Combined-Wordlists>
22. New dirs to bruteforce - <https://twitter.com/nullenc0de/status/1249804904790732802>
23. <https://twitter.com/imranparray101/status/1141100671581556736?s=20>
24. Jhaddix -

{% embed url="<https://twitter.com/Jhaddix/status/1064195192574464000>" %}

Tools - Fast web fuzzer written in Go - <https://github.com/ffuf/ffuf>

{% embed url="<https://twitter.com/gwendallecoguic/status/1202984025842995200>" %}

{% embed url="<https://twitter.com/hakluke/status/1221792235215151104>" %}

{% embed url="<https://twitter.com/soaj1664ashar/status/1182953904511901696>" %}

{% embed url="<https://twitter.com/soaj1664ashar/status/1184389713941139456>" %}

Related thread - <https://twitter.com/search?q=FFuF&src=typed_query>

Any tool to dedupe a list of URLs according to their parameters? I mean keep only one URL if it appears several times with the same params, no matter their values - <https://twitter.com/gwendallecoguic/status/1207435306410168322>

* <https://securityjunky.com/ffuf-on-steroids/>
* <https://github.com/assetnote/commonspeak2-wordlists>
* wordlist by random robbie - <https://gist.github.com/random-robbie/0f9d24a7b3c7268ee0c1ecdbe280611b>
* Subdomain bruteforce list - <https://twitter.com/Alra3ees/status/1068079409117188096>
* Full list - <https://forum.bugcrowd.com/t/dropping-a-cool-wordlist/9211>
* Interesting file extensions to look for - <https://twitter.com/s0md3v/status/1271241942576185344>
* Check out the subs_all txt here - <https://drive.google.com/file/d/12nABC1GUL7lBsPuzC0pWJrPRzHMHqe8X/view?usp=sharing>
* Tool - wordlistgen
* <https://github.com/Bo0oM/fuzz.txt>
* <https://github.com/epi052/feroxbuster>
* <https://github.com/Droidzzzio/EnumerationList>
* <https://github.com/six2dez/OneListForAll>

{% embed url="<https://twitter.com/s0md3v/status/1271241942576185344>" %}

* <https://github.com/BonJarber/SecUtils/tree/master/clean_wordlist>
* <https://github.com/gh0stkey/Web-Fuzzing-Box>

{% embed url="<https://twitter.com/Alra3ees/status/1301953579675156481?s=20>" %}

{% embed url="<https://twitter.com/Random_Robbie/status/1313772929201692672>" %}

{% embed url="<https://twitter.com/Mah3Sec_/status/1325030700039368709>" %}

{% embed url="<https://twitter.com/ADITYASHENDE17/status/1359086132911243267?s=20>" %}

{% embed url="<https://twitter.com/m4ll0k/status/1427173323964833793?s=20>" %}

* Huge_DIR_wordlist - <https://github.com/emadshanab/Huge_DIR_wordlist>

Exploiting:

* <https://github.com/ayoubfathi/leaky-paths>

{% embed url="<https://t.co/D7j9jXfinM?amp=1>" %}

{% embed url="<https://twitter.com/Alra3ees/status/1401242508219326466?s=20>" %}

{% embed url="<https://twitter.com/akita_zen/status/1467710656170369029?s=20>" %}
