Custom ffuf fork that relies on modified net/http and net/url libraries to avoid strict header and URL parsing.
To install `uff`, run the following command:

```
go install github.com/sw33tLie/uff@latest
```

This effectively makes it possible to send various malformed or unsupported requests, such as:

```
uff -c -u http://example.com -w vhosts.txt -opaque "http://FUZZ/"
```

```
GET http://anything-here/ HTTP/1.1
Host: example.com
```

```
uff -c -u http://example.com/FUZZ -w wordlist.txt -X ASDASD
```

```
ASDASD /hi HTTP/1.1
Host: example.com
```

This is not possible in the normal ffuf because the net/http library only allows RFC-compliant HTTP methods.

```
echo "%9f" | uff -c -u http://example.com/FUZZ -w -
```

```
GET /%9f HTTP/1.1
Host: example.com
```

```
echo "%9f" | uff -c -u http://example.com/FUZZ -w - -H ' I AM AN INVALID: HEADER'
```

```
GET /%9f HTTP/1.1
Host: example.com
 I AM AN INVALID: HEADER
```

```
uff -c -u http://example.com/FUZZ -w wordlist.txt -H 'lowercase-header: weh'
```

```
GET /hi HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
lowercase-header: weh
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
```

Note how `lowercase-header` starts with a lowercase `l`.

- Legit user agent instead of ffuf's default `Fuzz Faster U Fool` one.

As of now, since the automatic content-length header calculation code was removed from net/http, you need to set your own Content-Length header if you're using the -d flag for POST data.
Currently based on ffuf 2.10-dev
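
For contrast with the requests above, this added example (not part of uff or ffuf) shows what the unmodified Go `net/http` does with the same kinds of input: it refuses a method that is not an RFC token, rewrites `lowercase-header` to canonical case, and rejects the invalid header name before connecting. The method `AS DASD` and the `127.0.0.1:1` target are constructed for the demo.

```go
package main

import (
	"bytes"
	"fmt"
	"net/http"
	"strings"
)

// methodError returns the error stock net/http gives when asked to build a
// request with the given method (nil if the method is accepted).
func methodError(method string) error {
	_, err := http.NewRequest(method, "http://example.com/hi", nil)
	return err
}

// wireHeaders sets one header, serializes the request with the stock
// writer, and returns the header lines as they would appear on the wire.
func wireHeaders(name, value string) []string {
	req, _ := http.NewRequest("GET", "http://example.com/hi", nil)
	req.Header.Set(name, value) // Set canonicalizes the key
	var buf bytes.Buffer
	_ = req.Write(&buf)
	head, _, _ := strings.Cut(buf.String(), "\r\n\r\n")
	return strings.Split(head, "\r\n")[1:] // drop the request line
}

// invalidHeaderError hands the stock transport a header name that is not a
// valid token. Header validation fails before any connection is attempted.
func invalidHeaderError(name string) error {
	// Constructed placeholder target; it is never dialed.
	req, _ := http.NewRequest("GET", "http://127.0.0.1:1/", nil)
	req.Header[name] = []string{"HEADER"} // bypass Set to keep the raw key
	_, err := http.DefaultTransport.RoundTrip(req)
	return err
}

func main() {
	fmt.Println(methodError("AS DASD")) // constructed method containing a space
	fmt.Println(strings.Join(wireHeaders("lowercase-header", "weh"), "\n"))
	fmt.Println(invalidHeaderError(" I AM AN INVALID"))
}
```

On the receiving side, a header line that keeps its lowercase first letter or a header name with a leading space is therefore a sign that the client is not a stock Go `net/http` client.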