-
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature Request: add -prefix flag #778
Comments
Hi @br-sn, Quick approach: For fuzzing with a specific prefix, you can manually prepend it in your command, like so: Detailed explanation: Similarly, introducing a prefix argument would likely increase the request count by also trying each keyword both with and without the prefix. Which approach do you think fits better for your needs? |
Hi @bsysop, The approach I had in mind that best fits my workflow is the exact same mechanism as the -extension/-e flag but with -prefix, so the second approach. This could be helpful in also adding in pre-fixes such as a space character, which I often find myself testing for ( |
Got it @br-sn |
This is a valid request and should be a rather simple addition. Great for a potential first-time contributor, as they can mostly copy the behavior of extension flag. As a workaround, you can use the dirsearch style wordlist format ( %EXT% gets replaced by whatever is defined in -e value when -D is defined on ffuf cli ), and it can exist in the beginning of the word as well. |
In the same way there's currently an -e (extensions) flag, that can be used to not just add extensions such as .php, I believe adding a prefix flag could be useful in several scenarios.
For example, if you know the naming convention of a company, you could add "-prefix " without having to create a second wordlist and a second injection point.
The text was updated successfully, but these errors were encountered: