{"id":31489,"date":"2023-12-08T11:43:10","date_gmt":"2023-12-08T11:43:10","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=31489"},"modified":"2023-12-08T11:43:14","modified_gmt":"2023-12-08T11:43:14","slug":"afuzz","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/afuzz\/","title":{"rendered":"Afuzz &#8211; An automated web path fuzzing tool"},"content":{"rendered":"\n<p>Finding security holes is a lot like finding hidden treasures in the world of bug bounty hunts. &#8220;Afuzz&#8221; turns out to be a useful tool in this search because it provides an automatic way to test web paths that is perfect for bug reward projects. Afuzz was created by RapidDNS and is unique because it can intelligently adapt to the development language of selected websites. This makes it easier to find security holes.<\/p>\n\n\n\n<p>This article goes into detail about what Afuzz can do and how it works. It focuses on some of its unique features, such as creating extensions based on language, filtering by blacklists and whitelists, and advanced error page analysis. Afuzz is a big step forward in automatic web path fuzzing tools because it supports HTTP2 and lets you do statistical analysis on scan results.<\/p>\n\n\n\n<p>As bug bounty hunting changes, security experts and ethical hackers will need tools like Afuzz more and more. This guide will show you how to install, use, and get the most out of Afuzz, showing you how it can revolutionize your bug bounty tools. It doesn&#8217;t matter how experienced you are as a hunter; knowing what Afuzz can do will greatly improve your ability to find hidden flaws in web apps.<\/p>\n\n\n\n<p>Afuzz is an automated web path fuzzing tool for the Bug Bounty projects<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Features<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Afuzz automatically detects the development language used by the website, and generates extensions according to the language<\/li>\n\n\n\n<li>Uses blacklist to filter invalid pages<\/li>\n\n\n\n<li>Uses whitelist to find content that bug bounty hunters are interested in in the page<\/li>\n\n\n\n<li>filters random content in the page<\/li>\n\n\n\n<li>judges 404 error pages in multiple ways<\/li>\n\n\n\n<li>perform statistical analysis on the results after scanning to obtain the final result.<\/li>\n\n\n\n<li>support HTTP2<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/RapidDNS\/Afuzz#installation\"><\/a><strong>Installation<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>git clone https:\/\/github.com\/rapiddns\/Afuzz.git\r\ncd Afuzz\r\npython setup.py install<\/code><\/pre>\n\n\n\n<p>OR<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>pip install afuzz<\/code><\/pre>\n\n\n\n<p>Run<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>afuzz -u http:\/\/testphp.vulnweb.com -t 30<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Result<\/strong><\/h2>\n\n\n\n<p>Table<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\r\n|                                                                                    http:\/\/testphp.vulnweb.com\/                                                                                    |\r\n+-----------------------------+---------------------+--------+-----------------------------------+-----------------------+--------+--------------------------+-------+-------+-----------+----------+\r\n|            target           |         path        | status |              redirect             |         title         | length |       content-type       | lines | words |    type   |   mark   |\r\n+-----------------------------+---------------------+--------+-----------------------------------+-----------------------+--------+--------------------------+-------+-------+-----------+----------+\r\n| http:\/\/testphp.vulnweb.com\/ | .idea\/workspace.xml |  200   |                                   |                       | 12437  |         text\/xml         |  217  |  774  |   check   |          |\r\n| http:\/\/testphp.vulnweb.com\/ |        admin        |  301   | http:\/\/testphp.vulnweb.com\/admin\/ | 301 Moved Permanently |  169   |        text\/html         |   8   |   11  |   folder  |   30x    |\r\n| http:\/\/testphp.vulnweb.com\/ |      login.php      |  200   |                                   |       login page      |  5009  |        text\/html         |  120  |  432  |   check   |          |\r\n| http:\/\/testphp.vulnweb.com\/ |     .idea\/.name     |  200   |                                   |                       |   6    | application\/octet-stream |   1   |   1   |   check   |          |\r\n| http:\/\/testphp.vulnweb.com\/ |    .idea\/vcs.xml    |  200   |                                   |                       |  173   |         text\/xml         |   8   |   13  |   check   |          |\r\n| http:\/\/testphp.vulnweb.com\/ |        .idea\/       |  200   |                                   |    Index of \/.idea\/   |  937   |        text\/html         |   14  |   46  | whitelist | index of |\r\n| http:\/\/testphp.vulnweb.com\/ |       cgi-bin\/      |  403   |                                   |     403 Forbidden     |  276   |        text\/html         |   10  |   28  |   folder  |   403    |\r\n| http:\/\/testphp.vulnweb.com\/ | .idea\/encodings.xml |  200   |                                   |                       |  171   |         text\/xml         |   6   |   11  |   check   |          |\r\n| http:\/\/testphp.vulnweb.com\/ |      search.php     |  200   |                                   |         search        |  4218  |        text\/html         |  104  |  364  |   check   |          |\r\n| http:\/\/testphp.vulnweb.com\/ |     product.php     |  200   |                                   |    picture details    |  4576  |        text\/html         |  111  |  377  |   check   |          |\r\n| http:\/\/testphp.vulnweb.com\/ |        admin\/       |  200   |                                   |    Index of \/admin\/   |  248   |        text\/html         |   8   |   16  | whitelist | index of |\r\n| http:\/\/testphp.vulnweb.com\/ |        .idea        |  301   | http:\/\/testphp.vulnweb.com\/.idea\/ | 301 Moved Permanently |  169   |        text\/html         |   8   |   11  |   folder  |   30x    |\r\n+-----------------------------+---------------------+--------+-----------------------------------+-----------------------+--------+--------------------------+-------+-------+-----------+----------+```<\/code><\/pre>\n\n\n\n<p>Json<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>{\r\n    \"result\": &#91;\r\n        {\r\n            \"target\": \"http:\/\/testphp.vulnweb.com\/\",\r\n            \"path\": \".idea\/workspace.xml\",\r\n            \"status\": 200,\r\n            \"redirect\": \"\",\r\n            \"title\": \"\",\r\n            \"length\": 12437,\r\n            \"content_type\": \"text\/xml\",\r\n            \"lines\": 217,\r\n            \"words\": 774,\r\n            \"type\": \"check\",\r\n            \"mark\": \"\",\r\n            \"subdomain\": \"testphp.vulnweb.com\",\r\n            \"depth\": 0,\r\n            \"url\": \"http:\/\/testphp.vulnweb.com\/.idea\/workspace.xml\"\r\n        },\r\n        {\r\n            \"target\": \"http:\/\/testphp.vulnweb.com\/\",\r\n            \"path\": \"admin\",\r\n            \"status\": 301,\r\n            \"redirect\": \"http:\/\/testphp.vulnweb.com\/admin\/\",\r\n            \"title\": \"301 Moved Permanently\",\r\n            \"length\": 169,\r\n            \"content_type\": \"text\/html\",\r\n            \"lines\": 8,\r\n            \"words\": 11,\r\n            \"type\": \"folder\",\r\n            \"mark\": \"30x\",\r\n            \"subdomain\": \"testphp.vulnweb.com\",\r\n            \"depth\": 0,\r\n            \"url\": \"http:\/\/testphp.vulnweb.com\/admin\"\r\n        },\r\n        {\r\n            \"target\": \"http:\/\/testphp.vulnweb.com\/\",\r\n            \"path\": \"login.php\",\r\n            \"status\": 200,\r\n            \"redirect\": \"\",\r\n            \"title\": \"login page\",\r\n            \"length\": 5009,\r\n            \"content_type\": \"text\/html\",\r\n            \"lines\": 120,\r\n            \"words\": 432,\r\n            \"type\": \"check\",\r\n            \"mark\": \"\",\r\n            \"subdomain\": \"testphp.vulnweb.com\",\r\n            \"depth\": 0,\r\n            \"url\": \"http:\/\/testphp.vulnweb.com\/login.php\"\r\n        },\r\n        {\r\n            \"target\": \"http:\/\/testphp.vulnweb.com\/\",\r\n            \"path\": \".idea\/.name\",\r\n            \"status\": 200,\r\n            \"redirect\": \"\",\r\n            \"title\": \"\",\r\n            \"length\": 6,\r\n            \"content_type\": \"application\/octet-stream\",\r\n            \"lines\": 1,\r\n            \"words\": 1,\r\n            \"type\": \"check\",\r\n            \"mark\": \"\",\r\n            \"subdomain\": \"testphp.vulnweb.com\",\r\n            \"depth\": 0,\r\n            \"url\": \"http:\/\/testphp.vulnweb.com\/.idea\/.name\"\r\n        },\r\n        {\r\n            \"target\": \"http:\/\/testphp.vulnweb.com\/\",\r\n            \"path\": \".idea\/vcs.xml\",\r\n            \"status\": 200,\r\n            \"redirect\": \"\",\r\n            \"title\": \"\",\r\n            \"length\": 173,\r\n            \"content_type\": \"text\/xml\",\r\n            \"lines\": 8,\r\n            \"words\": 13,\r\n            \"type\": \"check\",\r\n            \"mark\": \"\",\r\n            \"subdomain\": \"testphp.vulnweb.com\",\r\n            \"depth\": 0,\r\n            \"url\": \"http:\/\/testphp.vulnweb.com\/.idea\/vcs.xml\"\r\n        },\r\n        {\r\n            \"target\": \"http:\/\/testphp.vulnweb.com\/\",\r\n            \"path\": \".idea\/\",\r\n            \"status\": 200,\r\n            \"redirect\": \"\",\r\n            \"title\": \"Index of \/.idea\/\",\r\n            \"length\": 937,\r\n            \"content_type\": \"text\/html\",\r\n            \"lines\": 14,\r\n            \"words\": 46,\r\n            \"type\": \"whitelist\",\r\n            \"mark\": \"index of\",\r\n            \"subdomain\": \"testphp.vulnweb.com\",\r\n            \"depth\": 0,\r\n            \"url\": \"http:\/\/testphp.vulnweb.com\/.idea\/\"\r\n        },\r\n        {\r\n            \"target\": \"http:\/\/testphp.vulnweb.com\/\",\r\n            \"path\": \"cgi-bin\/\",\r\n            \"status\": 403,\r\n            \"redirect\": \"\",\r\n            \"title\": \"403 Forbidden\",\r\n            \"length\": 276,\r\n            \"content_type\": \"text\/html\",\r\n            \"lines\": 10,\r\n            \"words\": 28,\r\n            \"type\": \"folder\",\r\n            \"mark\": \"403\",\r\n            \"subdomain\": \"testphp.vulnweb.com\",\r\n            \"depth\": 0,\r\n            \"url\": \"http:\/\/testphp.vulnweb.com\/cgi-bin\/\"\r\n        },\r\n        {\r\n            \"target\": \"http:\/\/testphp.vulnweb.com\/\",\r\n            \"path\": \".idea\/encodings.xml\",\r\n            \"status\": 200,\r\n            \"redirect\": \"\",\r\n            \"title\": \"\",\r\n            \"length\": 171,\r\n            \"content_type\": \"text\/xml\",\r\n            \"lines\": 6,\r\n            \"words\": 11,\r\n            \"type\": \"check\",\r\n            \"mark\": \"\",\r\n            \"subdomain\": \"testphp.vulnweb.com\",\r\n            \"depth\": 0,\r\n            \"url\": \"http:\/\/testphp.vulnweb.com\/.idea\/encodings.xml\"\r\n        },\r\n        {\r\n            \"target\": \"http:\/\/testphp.vulnweb.com\/\",\r\n            \"path\": \"search.php\",\r\n            \"status\": 200,\r\n            \"redirect\": \"\",\r\n            \"title\": \"search\",\r\n            \"length\": 4218,\r\n            \"content_type\": \"text\/html\",\r\n            \"lines\": 104,\r\n            \"words\": 364,\r\n            \"type\": \"check\",\r\n            \"mark\": \"\",\r\n            \"subdomain\": \"testphp.vulnweb.com\",\r\n            \"depth\": 0,\r\n            \"url\": \"http:\/\/testphp.vulnweb.com\/search.php\"\r\n        },\r\n        {\r\n            \"target\": \"http:\/\/testphp.vulnweb.com\/\",\r\n            \"path\": \"product.php\",\r\n            \"status\": 200,\r\n            \"redirect\": \"\",\r\n            \"title\": \"picture details\",\r\n            \"length\": 4576,\r\n            \"content_type\": \"text\/html\",\r\n            \"lines\": 111,\r\n            \"words\": 377,\r\n            \"type\": \"check\",\r\n            \"mark\": \"\",\r\n            \"subdomain\": \"testphp.vulnweb.com\",\r\n            \"depth\": 0,\r\n            \"url\": \"http:\/\/testphp.vulnweb.com\/product.php\"\r\n        },\r\n        {\r\n            \"target\": \"http:\/\/testphp.vulnweb.com\/\",\r\n            \"path\": \"admin\/\",\r\n            \"status\": 200,\r\n            \"redirect\": \"\",\r\n            \"title\": \"Index of \/admin\/\",\r\n            \"length\": 248,\r\n            \"content_type\": \"text\/html\",\r\n            \"lines\": 8,\r\n            \"words\": 16,\r\n            \"type\": \"whitelist\",\r\n            \"mark\": \"index of\",\r\n            \"subdomain\": \"testphp.vulnweb.com\",\r\n            \"depth\": 0,\r\n            \"url\": \"http:\/\/testphp.vulnweb.com\/admin\/\"\r\n        },\r\n        {\r\n            \"target\": \"http:\/\/testphp.vulnweb.com\/\",\r\n            \"path\": \".idea\",\r\n            \"status\": 301,\r\n            \"redirect\": \"http:\/\/testphp.vulnweb.com\/.idea\/\",\r\n            \"title\": \"301 Moved Permanently\",\r\n            \"length\": 169,\r\n            \"content_type\": \"text\/html\",\r\n            \"lines\": 8,\r\n            \"words\": 11,\r\n            \"type\": \"folder\",\r\n            \"mark\": \"30x\",\r\n            \"subdomain\": \"testphp.vulnweb.com\",\r\n            \"depth\": 0,\r\n            \"url\": \"http:\/\/testphp.vulnweb.com\/.idea\"\r\n        }\r\n    ],\r\n    \"total\": 12,\r\n    \"target\": \"http:\/\/testphp.vulnweb.com\/\"\r\n}<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Wordlists (IMPORTANT)<\/strong><\/h2>\n\n\n\n<p><strong>Summary:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Wordlist is a text file, each line is a path.<\/li>\n\n\n\n<li>About extensions, Afuzz replaces the&nbsp;<code>%EXT%<\/code>&nbsp;keyword with extensions from&nbsp;<strong>-e<\/strong>&nbsp;flag.If no flag -e, the default is used.<\/li>\n\n\n\n<li>Generate a dictionary based on domain names. Afuzz replaces %subdomain% with host, %rootdomain% with root domain, %sub% with subdomain, and %domain% with domain. And generated according to %ext%<\/li>\n<\/ul>\n\n\n\n<p><strong>Examples:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Normal extensions<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>index.%EXT%<\/code><\/pre>\n\n\n\n<p>Passing\u00a0<strong>asp<\/strong>\u00a0and\u00a0<strong>aspx<\/strong>\u00a0extensions will generate the following dictionary:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>index\r\nindex.asp\r\nindex.aspx<\/code><\/pre>\n\n\n\n<p>host<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>%subdomain%.%ext%\r\n%sub%.bak\r\n%domain%.zip\r\n%rootdomain%.zip<\/code><\/pre>\n\n\n\n<p>Passing\u00a0<strong><a href=\"https:\/\/test-www.hackerone.com\/\">https:\/\/test-www.hackerone.com<\/a><\/strong>\u00a0and\u00a0<strong>php<\/strong>\u00a0extension will genrate the following dictionary:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>test-www.hackerone.com.php\r\ntest-www.zip\r\ntest.zip\r\nwww.zip\r\ntestwww.zip\r\nhackerone.zip\r\nhackerone.com.zip<\/code><\/pre>\n\n\n\n<p>Options<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>    #     ###### ### ###  ######  ######\r\n    #      #   #  #   #   #   #   #   #\r\n   # #     # #    #   #   #  #    #  #\r\n   # #     ###    #   #     #       #\r\n  #  #    #  #   #   #      #       #\r\n  #####   #      #   #     #  #    #  #\r\n #    #   #      #   #    #   #   #   #\r\n###  ### ###      ###    ######  ######\r\n\r\n\r\n\r\nusage: afuzz &#91;options]\r\n\r\nAn Automated Web Path Fuzzing Tool.\r\nBy RapidDNS (https:\/\/rapiddns.io)\r\n\r\noptions:\r\n  -h, --help            show this help message and exit\r\n  -u URL, --url URL     Target URL\r\n  -o OUTPUT, --output OUTPUT\r\n                        Output file\r\n  -e EXTENSIONS, --extensions EXTENSIONS\r\n                        Extension list separated by commas (Example: php,aspx,jsp)\r\n  -t THREAD, --thread THREAD\r\n                        Number of threads\r\n  -d DEPTH, --depth DEPTH\r\n                        Maximum recursion depth\r\n  -w WORDLIST, --wordlist WORDLIST\r\n                        wordlist\r\n  -f, --fullpath        fullpath\r\n  -p PROXY, --proxy PROXY\r\n                        proxy, (ex:http:\/\/127.0.0.1:8080)<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>How to use<\/strong><\/h2>\n\n\n\n<p>Some examples for how to use Afuzz &#8211; those are the most common arguments. If you need all, just use the&nbsp;<strong>-h<\/strong>&nbsp;argument.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/RapidDNS\/Afuzz#simple-usage\"><\/a><strong>Simple usage<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>afuzz -u https:\/\/target<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>afuzz -e php,html,js,json -u https:\/\/target<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>afuzz -e php,html,js -u https:\/\/target -d 3<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Threads<\/strong><\/h3>\n\n\n\n<p>The thread number (<strong>-t | &#8211;threads<\/strong>) reflects the number of separated brute force processes. And so the bigger the thread number is, the faster afuzz runs. By default, the number of threads is 10, but you can increase it if you want to speed up the progress.<\/p>\n\n\n\n<p>In spite of that, the speed still depends a lot on the response time of the server. And as a warning, we advise you to keep the threads number not too big because it can cause DoS.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>afuzz -e aspx,jsp,php,htm,js,bak,zip,txt,xml -u https:\/\/target -t 50<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Finding security holes is a lot like finding hidden treasures in the world of bug bounty hunts. &#8220;Afuzz&#8221; turns out to be a useful tool in this search because it provides an automatic way to test web paths that is perfect for bug reward projects. Afuzz was created by RapidDNS and is unique because it [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":31491,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO631zBDLYcBLKAyf0LSpZDD6_EdqXZqAK8JULd1vaN4dvpZUWieh5WMnlQmrI2pKqhQNZjdkW0DYAuQnBk0N_UVBJdNn6b9RmTxEYr-r_6WuybvZbekI-o39N3o8vpP-glHoXX6C6acojzaCKXAoNdIJErRW_JRkO9vyQbOCO7exIHx98rkoCiG3YIg\/s16000\/Afuzz%20-%20An%20automated%20web%20path%20fuzzing%20tool.webp","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[20],"tags":[6455,737,6321,6052,6325],"class_list":["post-31489","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-security","tag-afuzz","tag-cybersecurity","tag-informationsecurity","tag-kalilinux","tag-kalilinuxtools"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Afuzz - An automated web path fuzzing tool<\/title>\n<meta name=\"description\" content=\"Finding security holes is a lot like finding hidden treasures in the world of bug bounty hunts. &quot;Afuzz&quot; turns out to be a useful tool\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/afuzz\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Afuzz - An automated web path fuzzing tool\" \/>\n<meta property=\"og:description\" content=\"Finding security holes is a lot like finding hidden treasures in the world of bug bounty hunts. &quot;Afuzz&quot; turns out to be a useful tool\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/afuzz\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2023-12-08T11:43:10+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-12-08T11:43:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO631zBDLYcBLKAyf0LSpZDD6_EdqXZqAK8JULd1vaN4dvpZUWieh5WMnlQmrI2pKqhQNZjdkW0DYAuQnBk0N_UVBJdNn6b9RmTxEYr-r_6WuybvZbekI-o39N3o8vpP-glHoXX6C6acojzaCKXAoNdIJErRW_JRkO9vyQbOCO7exIHx98rkoCiG3YIg\/s16000\/Afuzz%20-%20An%20automated%20web%20path%20fuzzing%20tool.webp\" \/>\n<meta name=\"author\" content=\"Varshini\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO631zBDLYcBLKAyf0LSpZDD6_EdqXZqAK8JULd1vaN4dvpZUWieh5WMnlQmrI2pKqhQNZjdkW0DYAuQnBk0N_UVBJdNn6b9RmTxEYr-r_6WuybvZbekI-o39N3o8vpP-glHoXX6C6acojzaCKXAoNdIJErRW_JRkO9vyQbOCO7exIHx98rkoCiG3YIg\/s16000\/Afuzz%20-%20An%20automated%20web%20path%20fuzzing%20tool.webp\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Varshini\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/afuzz\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/afuzz\/\"},\"author\":{\"name\":\"Varshini\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\"},\"headline\":\"Afuzz &#8211; An automated web path fuzzing tool\",\"datePublished\":\"2023-12-08T11:43:10+00:00\",\"dateModified\":\"2023-12-08T11:43:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/afuzz\/\"},\"wordCount\":507,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/afuzz\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO631zBDLYcBLKAyf0LSpZDD6_EdqXZqAK8JULd1vaN4dvpZUWieh5WMnlQmrI2pKqhQNZjdkW0DYAuQnBk0N_UVBJdNn6b9RmTxEYr-r_6WuybvZbekI-o39N3o8vpP-glHoXX6C6acojzaCKXAoNdIJErRW_JRkO9vyQbOCO7exIHx98rkoCiG3YIg\/s16000\/Afuzz%20-%20An%20automated%20web%20path%20fuzzing%20tool.webp\",\"keywords\":[\"Afuzz\",\"cybersecurity\",\"informationsecurity\",\"kalilinux\",\"kalilinuxtools\"],\"articleSection\":[\"Cyber security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/afuzz\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/afuzz\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/afuzz\/\",\"name\":\"Afuzz - An automated web path fuzzing tool\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/afuzz\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/afuzz\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO631zBDLYcBLKAyf0LSpZDD6_EdqXZqAK8JULd1vaN4dvpZUWieh5WMnlQmrI2pKqhQNZjdkW0DYAuQnBk0N_UVBJdNn6b9RmTxEYr-r_6WuybvZbekI-o39N3o8vpP-glHoXX6C6acojzaCKXAoNdIJErRW_JRkO9vyQbOCO7exIHx98rkoCiG3YIg\/s16000\/Afuzz%20-%20An%20automated%20web%20path%20fuzzing%20tool.webp\",\"datePublished\":\"2023-12-08T11:43:10+00:00\",\"dateModified\":\"2023-12-08T11:43:14+00:00\",\"description\":\"Finding security holes is a lot like finding hidden treasures in the world of bug bounty hunts. \\\"Afuzz\\\" turns out to be a useful tool\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/afuzz\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/afuzz\/#primaryimage\",\"url\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO631zBDLYcBLKAyf0LSpZDD6_EdqXZqAK8JULd1vaN4dvpZUWieh5WMnlQmrI2pKqhQNZjdkW0DYAuQnBk0N_UVBJdNn6b9RmTxEYr-r_6WuybvZbekI-o39N3o8vpP-glHoXX6C6acojzaCKXAoNdIJErRW_JRkO9vyQbOCO7exIHx98rkoCiG3YIg\/s16000\/Afuzz%20-%20An%20automated%20web%20path%20fuzzing%20tool.webp\",\"contentUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO631zBDLYcBLKAyf0LSpZDD6_EdqXZqAK8JULd1vaN4dvpZUWieh5WMnlQmrI2pKqhQNZjdkW0DYAuQnBk0N_UVBJdNn6b9RmTxEYr-r_6WuybvZbekI-o39N3o8vpP-glHoXX6C6acojzaCKXAoNdIJErRW_JRkO9vyQbOCO7exIHx98rkoCiG3YIg\/s16000\/Afuzz%20-%20An%20automated%20web%20path%20fuzzing%20tool.webp\",\"width\":\"728\",\"height\":\"380\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\",\"name\":\"Varshini\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"caption\":\"Varshini\"},\"description\":\"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.\",\"sameAs\":[\"http:\/\/kalilinuxtutorials.com\",\"https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/\"],\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Afuzz - An automated web path fuzzing tool","description":"Finding security holes is a lot like finding hidden treasures in the world of bug bounty hunts. \"Afuzz\" turns out to be a useful tool","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/afuzz\/","og_locale":"en_US","og_type":"article","og_title":"Afuzz - An automated web path fuzzing tool","og_description":"Finding security holes is a lot like finding hidden treasures in the world of bug bounty hunts. \"Afuzz\" turns out to be a useful tool","og_url":"https:\/\/kalilinuxtutorials.com\/afuzz\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2023-12-08T11:43:10+00:00","article_modified_time":"2023-12-08T11:43:14+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO631zBDLYcBLKAyf0LSpZDD6_EdqXZqAK8JULd1vaN4dvpZUWieh5WMnlQmrI2pKqhQNZjdkW0DYAuQnBk0N_UVBJdNn6b9RmTxEYr-r_6WuybvZbekI-o39N3o8vpP-glHoXX6C6acojzaCKXAoNdIJErRW_JRkO9vyQbOCO7exIHx98rkoCiG3YIg\/s16000\/Afuzz%20-%20An%20automated%20web%20path%20fuzzing%20tool.webp","type":"","width":"","height":""}],"author":"Varshini","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO631zBDLYcBLKAyf0LSpZDD6_EdqXZqAK8JULd1vaN4dvpZUWieh5WMnlQmrI2pKqhQNZjdkW0DYAuQnBk0N_UVBJdNn6b9RmTxEYr-r_6WuybvZbekI-o39N3o8vpP-glHoXX6C6acojzaCKXAoNdIJErRW_JRkO9vyQbOCO7exIHx98rkoCiG3YIg\/s16000\/Afuzz%20-%20An%20automated%20web%20path%20fuzzing%20tool.webp","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"Varshini","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/afuzz\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/afuzz\/"},"author":{"name":"Varshini","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa"},"headline":"Afuzz &#8211; An automated web path fuzzing tool","datePublished":"2023-12-08T11:43:10+00:00","dateModified":"2023-12-08T11:43:14+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/afuzz\/"},"wordCount":507,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/afuzz\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO631zBDLYcBLKAyf0LSpZDD6_EdqXZqAK8JULd1vaN4dvpZUWieh5WMnlQmrI2pKqhQNZjdkW0DYAuQnBk0N_UVBJdNn6b9RmTxEYr-r_6WuybvZbekI-o39N3o8vpP-glHoXX6C6acojzaCKXAoNdIJErRW_JRkO9vyQbOCO7exIHx98rkoCiG3YIg\/s16000\/Afuzz%20-%20An%20automated%20web%20path%20fuzzing%20tool.webp","keywords":["Afuzz","cybersecurity","informationsecurity","kalilinux","kalilinuxtools"],"articleSection":["Cyber security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/afuzz\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/afuzz\/","url":"https:\/\/kalilinuxtutorials.com\/afuzz\/","name":"Afuzz - An automated web path fuzzing tool","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/afuzz\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/afuzz\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO631zBDLYcBLKAyf0LSpZDD6_EdqXZqAK8JULd1vaN4dvpZUWieh5WMnlQmrI2pKqhQNZjdkW0DYAuQnBk0N_UVBJdNn6b9RmTxEYr-r_6WuybvZbekI-o39N3o8vpP-glHoXX6C6acojzaCKXAoNdIJErRW_JRkO9vyQbOCO7exIHx98rkoCiG3YIg\/s16000\/Afuzz%20-%20An%20automated%20web%20path%20fuzzing%20tool.webp","datePublished":"2023-12-08T11:43:10+00:00","dateModified":"2023-12-08T11:43:14+00:00","description":"Finding security holes is a lot like finding hidden treasures in the world of bug bounty hunts. \"Afuzz\" turns out to be a useful tool","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/afuzz\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/afuzz\/#primaryimage","url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO631zBDLYcBLKAyf0LSpZDD6_EdqXZqAK8JULd1vaN4dvpZUWieh5WMnlQmrI2pKqhQNZjdkW0DYAuQnBk0N_UVBJdNn6b9RmTxEYr-r_6WuybvZbekI-o39N3o8vpP-glHoXX6C6acojzaCKXAoNdIJErRW_JRkO9vyQbOCO7exIHx98rkoCiG3YIg\/s16000\/Afuzz%20-%20An%20automated%20web%20path%20fuzzing%20tool.webp","contentUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO631zBDLYcBLKAyf0LSpZDD6_EdqXZqAK8JULd1vaN4dvpZUWieh5WMnlQmrI2pKqhQNZjdkW0DYAuQnBk0N_UVBJdNn6b9RmTxEYr-r_6WuybvZbekI-o39N3o8vpP-glHoXX6C6acojzaCKXAoNdIJErRW_JRkO9vyQbOCO7exIHx98rkoCiG3YIg\/s16000\/Afuzz%20-%20An%20automated%20web%20path%20fuzzing%20tool.webp","width":"728","height":"380"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa","name":"Varshini","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","caption":"Varshini"},"description":"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.","sameAs":["http:\/\/kalilinuxtutorials.com","https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/"],"url":"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/"}]}},"jetpack_featured_media_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhO631zBDLYcBLKAyf0LSpZDD6_EdqXZqAK8JULd1vaN4dvpZUWieh5WMnlQmrI2pKqhQNZjdkW0DYAuQnBk0N_UVBJdNn6b9RmTxEYr-r_6WuybvZbekI-o39N3o8vpP-glHoXX6C6acojzaCKXAoNdIJErRW_JRkO9vyQbOCO7exIHx98rkoCiG3YIg\/s16000\/Afuzz%20-%20An%20automated%20web%20path%20fuzzing%20tool.webp","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":36785,"url":"https:\/\/kalilinuxtutorials.com\/brainstorm\/","url_meta":{"origin":31489,"position":0},"title":"Brainstorm : Revolutionizing Web Fuzzing With Local LLMs","author":"Varshini","date":"March 3, 2025","format":false,"excerpt":"Brainstorm is an innovative web fuzzing tool that integrates traditional fuzzing techniques with AI-powered insights, leveraging local Large Language Models (LLMs) via Ollama to optimize the discovery of hidden directories, files, and endpoints in web applications. By combining the speed and efficiency of tools like ffuf with the intelligence of\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Brainstorm-.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Brainstorm-.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Brainstorm-.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Brainstorm-.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Brainstorm-.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Brainstorm-.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":31455,"url":"https:\/\/kalilinuxtutorials.com\/all-in-one-bug-hunting-setup\/","url_meta":{"origin":31489,"position":1},"title":"All-in-One Bug Hunting Setup: The Ultimate Debian Linux Script for Cybersecurity Enthusiasts","author":"Varshini","date":"December 5, 2023","format":false,"excerpt":"In the always-changing world of cybersecurity, it's important to be quick and careful. For Debian Linux users who are really into finding and studying security holes, the \"All-in-One Bug Hunting Setup\" is a revolutionary bash script. Setting up a full bug hunting environment is made easier by this innovative tool.\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhgAHP5Msr03BF_L2Ro5-6SojmCvywL5doYeu4Qnkax8RvMS7OAAZ-Xs7tfz65fsdscdmIMdjfzdlnsm-qV4dkwkAzCh3O9IhmUgtA_c-qf8quBQOBK9JZwp361_3iXwkC4U2h-bhERTDqyYbg1diTteOglwvtDO9rV6kmtEVgvr2n8KzrMdC_1S4YMZw\/s16000\/All%20in%20one.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhgAHP5Msr03BF_L2Ro5-6SojmCvywL5doYeu4Qnkax8RvMS7OAAZ-Xs7tfz65fsdscdmIMdjfzdlnsm-qV4dkwkAzCh3O9IhmUgtA_c-qf8quBQOBK9JZwp361_3iXwkC4U2h-bhERTDqyYbg1diTteOglwvtDO9rV6kmtEVgvr2n8KzrMdC_1S4YMZw\/s16000\/All%20in%20one.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhgAHP5Msr03BF_L2Ro5-6SojmCvywL5doYeu4Qnkax8RvMS7OAAZ-Xs7tfz65fsdscdmIMdjfzdlnsm-qV4dkwkAzCh3O9IhmUgtA_c-qf8quBQOBK9JZwp361_3iXwkC4U2h-bhERTDqyYbg1diTteOglwvtDO9rV6kmtEVgvr2n8KzrMdC_1S4YMZw\/s16000\/All%20in%20one.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhgAHP5Msr03BF_L2Ro5-6SojmCvywL5doYeu4Qnkax8RvMS7OAAZ-Xs7tfz65fsdscdmIMdjfzdlnsm-qV4dkwkAzCh3O9IhmUgtA_c-qf8quBQOBK9JZwp361_3iXwkC4U2h-bhERTDqyYbg1diTteOglwvtDO9rV6kmtEVgvr2n8KzrMdC_1S4YMZw\/s16000\/All%20in%20one.webp?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":11936,"url":"https:\/\/kalilinuxtutorials.com\/restler-fuzzer\/","url_meta":{"origin":31489,"position":2},"title":"Restler Fuzzer : API Fuzzing Tool For Automatically Testing Cloud Services","author":"R K","date":"December 15, 2020","format":false,"excerpt":"RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services. For a given cloud service with an OpenAPI\/Swagger specification, RESTler analyzes its entire specification, and then generates and executes tests that exercise the\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":37175,"url":"https:\/\/kalilinuxtutorials.com\/fuzzlists\/","url_meta":{"origin":31489,"position":3},"title":"FuzzLists : The Ultimate Toolkit For Penetration Testing And Bug Hunting","author":"Varshini","date":"March 20, 2025","format":false,"excerpt":"FuzzLists is a comprehensive collection of lists designed to aid in penetration testing and bug bounty hunting. These lists include dictionaries, payloads, variables, and tools for content discovery, sandbox escaping, and more. The repository, maintained by nu11pointer, provides essential resources for cybersecurity professionals and bug bounty hunters to identify vulnerabilities\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/FuzzLists-.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/FuzzLists-.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/FuzzLists-.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/FuzzLists-.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/FuzzLists-.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/FuzzLists-.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":31102,"url":"https:\/\/kalilinuxtutorials.com\/furl\/","url_meta":{"origin":31489,"position":4},"title":"Furl &#8211; Wayback Machine URL Mining For Bug Hunting","author":"Varshini","date":"November 1, 2023","format":false,"excerpt":"Furl is a tool for mining URLs from Wayback Machine for bug hunting\/fuzzing\/further probing. Furl is a powerful tool designed for bug hunters, fuzzers, and those seeking to probe the depths of the web. This article explores how Furl can be used to mine URLs from the Wayback Machine, opening\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgnU6FNQ0TWmygkijM-uznEAOI-jbOMi2CpfCoQz9fWlMCIr-_bo9ypSor5xnFVRnj6oyK80M-waRGDovSjfCMS-ex-MJjx-fNBkHKxMWXYsZlKknD6Q2Vkohrsjmwg1BmuFj5YagHK-0KS1617bwlboqySVkYqvfs5pdbCZ34-LvQyv5gC_9bS_mqkIvCd\/s16000\/Untitled%20design%20%2846%29.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgnU6FNQ0TWmygkijM-uznEAOI-jbOMi2CpfCoQz9fWlMCIr-_bo9ypSor5xnFVRnj6oyK80M-waRGDovSjfCMS-ex-MJjx-fNBkHKxMWXYsZlKknD6Q2Vkohrsjmwg1BmuFj5YagHK-0KS1617bwlboqySVkYqvfs5pdbCZ34-LvQyv5gC_9bS_mqkIvCd\/s16000\/Untitled%20design%20%2846%29.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgnU6FNQ0TWmygkijM-uznEAOI-jbOMi2CpfCoQz9fWlMCIr-_bo9ypSor5xnFVRnj6oyK80M-waRGDovSjfCMS-ex-MJjx-fNBkHKxMWXYsZlKknD6Q2Vkohrsjmwg1BmuFj5YagHK-0KS1617bwlboqySVkYqvfs5pdbCZ34-LvQyv5gC_9bS_mqkIvCd\/s16000\/Untitled%20design%20%2846%29.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgnU6FNQ0TWmygkijM-uznEAOI-jbOMi2CpfCoQz9fWlMCIr-_bo9ypSor5xnFVRnj6oyK80M-waRGDovSjfCMS-ex-MJjx-fNBkHKxMWXYsZlKknD6Q2Vkohrsjmwg1BmuFj5YagHK-0KS1617bwlboqySVkYqvfs5pdbCZ34-LvQyv5gC_9bS_mqkIvCd\/s16000\/Untitled%20design%20%2846%29.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgnU6FNQ0TWmygkijM-uznEAOI-jbOMi2CpfCoQz9fWlMCIr-_bo9ypSor5xnFVRnj6oyK80M-waRGDovSjfCMS-ex-MJjx-fNBkHKxMWXYsZlKknD6Q2Vkohrsjmwg1BmuFj5YagHK-0KS1617bwlboqySVkYqvfs5pdbCZ34-LvQyv5gC_9bS_mqkIvCd\/s16000\/Untitled%20design%20%2846%29.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgnU6FNQ0TWmygkijM-uznEAOI-jbOMi2CpfCoQz9fWlMCIr-_bo9ypSor5xnFVRnj6oyK80M-waRGDovSjfCMS-ex-MJjx-fNBkHKxMWXYsZlKknD6Q2Vkohrsjmwg1BmuFj5YagHK-0KS1617bwlboqySVkYqvfs5pdbCZ34-LvQyv5gC_9bS_mqkIvCd\/s16000\/Untitled%20design%20%2846%29.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":35756,"url":"https:\/\/kalilinuxtutorials.com\/nucleifuzzer\/","url_meta":{"origin":31489,"position":5},"title":"NucleiFuzzer = Nuclei + Paramspider + waybackurls + gauplus + hakrawler + katana + Fuzzing Templates","author":"Varshini","date":"January 27, 2025","format":false,"excerpt":"NucleiFuzzer is an advanced automation tool designed to streamline and optimize web application security testing by integrating a suite of powerful URL discovery and vulnerability scanning tools. It combines ParamSpider, Waybackurls, Katana, Gauplus, and Hakrawler to comprehensively gather and enumerate potential entry points for web applications. Leveraging the power of\u2026","rel":"","context":"In &quot;Pentesting Tools&quot;","block_context":{"text":"Pentesting Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/penetration-testing-tools\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/NucleiFuzzer.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/NucleiFuzzer.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/NucleiFuzzer.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/NucleiFuzzer.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/NucleiFuzzer.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/NucleiFuzzer.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/31489","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=31489"}],"version-history":[{"count":1,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/31489\/revisions"}],"predecessor-version":[{"id":31490,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/31489\/revisions\/31490"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/31491"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=31489"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=31489"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=31489"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}