Fuzzer
Fuzzer is an advanced web fuzzer.
Overview
Fuzzer is a sophisticated security assessment tool designed to discover hidden or undocumented web resources. It employs an advanced, multi-threaded approach to systematically enumerate directories, files, and endpoints within web applications, helping security professionals map out the complete attack surface.
By leveraging intelligent wordlist processing and dynamic pattern matching, the fuzzer can reveal potential security vulnerabilities, sensitive information exposure, and unintended access points. The tool supports both managed and custom wordlists.
This fuzzer is capable of:
- Fuzzing with several HTTP request methods (such as GET, POST, PUT, etc.)
- Fuzzing for live hosts (subdomain bruteforcing)
- Fuzzing for virtual hosts (VHOST enumeration)
- Fuzzing for input parameters
- Fuzzing with custom wordlists
Usage Examples
You can specify a target URL for Fuzzer to find hidden links, endpoints, files and application routes.
Specify Target
Specify a target for Fuzzer. You may use the positional FUZZ keyword to instruct the scanner where to inject the word from your wordlist file.
Select Wordlist
Select at least one Managed or Custom wordlist.
Set Matchers & Filters
Now set the conditions on when you’d like the fuzzer to mark a resource as found. Ideally, you’d want to filter out resources responding with a status code such as 404.
Optionally, you may configure any settings you’d like. Afterward, simply click on Scan to launch your scan.
Shortly after your scan has been launched, you will be redirected to the page to view your pending scan.
Scanner settings
This scanner accepts the following optional parameters:
Follow redirects
You may instruct the scanner to follow redirects imposed by the target server. The maximum number of redirects the fuzzer can follow is currently a constant and set to 10 redirects.
Default: true
Generate custom keywords relevant to your target
Fuzzer is also capable of generating possible keywords based on your target. These will be added to your selected wordlist(s) and used to help discover more content.
Default: true
Capabilities
Fuzzer is a comprehensive content discovery scanner equipped with the following capabilities:
Blazing Fast
The Fuzzer is lightning-fast. We recommend you always adhere to any applicable scope rules.
We also provide an option for you to configure the thread count for your scan session (see the Advanced Options menu). The thread count determines the number of simultaneous open HTTP connections.
Positional FUZZ Keyword
The Fuzzer supports the positional FUZZ keyword that you can use to instruct the fuzzer where to inject your word from your selected wordlist(s).
This keyword can be used anywhere, such as in the target’s URI (host, path, query parameters) and request headers (Host header, Cookie, User-Agent, etc.), making, for example, virtual host scanning possible.
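To make the FUZZ substitution and the status-code filter from the Matchers & Filters step concrete, here is an added example that is not part of Fuzzer's own code. It expands a FUZZ template into the URL and header values, then keeps only responses whose status is not filtered out; the wordlist, the example.test hostnames and the in-memory responder are constructed so it runs offline.

```python
# Added example (not Fuzzer's own code): positional FUZZ expansion into URL and
# headers, plus a status-code filter that decides what counts as "found".
from urllib.parse import urlsplit

KEYWORD = "FUZZ"

def render_request(url_template, header_template, word):
    """Replace every FUZZ occurrence in the URL and in header values with `word`."""
    in_headers = any(KEYWORD in v for v in header_template.values())
    if KEYWORD not in url_template and not in_headers:
        raise ValueError("template must contain the FUZZ keyword somewhere")
    url = url_template.replace(KEYWORD, word)
    headers = {k: v.replace(KEYWORD, word) for k, v in header_template.items()}
    return url, headers

def is_found(status, filter_codes=frozenset({404})):
    """A resource is marked found unless its status code is filtered out."""
    return status not in filter_codes

def run_offline(url_template, header_template, wordlist, responder,
                filter_codes=frozenset({404})):
    """Expand each word, ask `responder` (a stand-in for the HTTP client) for a
    status code, and return the (word, url, status) tuples that pass the filter."""
    found = []
    for word in wordlist:
        url, headers = render_request(url_template, header_template, word)
        status = responder(url, headers)
        if is_found(status, filter_codes):
            found.append((word, url, status))
    return found

# Constructed stand-in server: only these paths and virtual hosts "exist".
_KNOWN_PATHS = {"/admin": 200, "/staging": 301}
_KNOWN_VHOSTS = {"dev.example.test": 200}

def fake_responder(url, headers):
    """Answer like a server that routes on the Host header first, then the path."""
    host = headers.get("Host", urlsplit(url).hostname)
    if host in _KNOWN_VHOSTS:
        return _KNOWN_VHOSTS[host]
    return _KNOWN_PATHS.get(urlsplit(url).path, 404)
```

Path fuzzing uses FUZZ in the URL; virtual host fuzzing keeps the URL fixed and puts FUZZ in the Host header, which is the case the paragraph above refers to.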
Custom Wordlist Support
Custom wordlists are supported. Learn more on how to upload your custom wordlist.
If you do not have any wordlists, you may always use managed public wordlists.
Custom Keyword Generation
The Fuzzer is capable of generating a small wordlist based on keywords derived from the target URI and other commonly used terminologies for software application components (such as dev, admin, staging, etc.).
This optional feature can significantly increase your chances of discovering hidden and unreferenced resources.
Limitations
There are currently no limitations reported for SPIDER X Fuzzer.
Best Practices
We recommend that you follow the best practices that we’ve outlined in detail.