Web Application

FuzzDB

Attack-payload and discovery wordlist library.

webwordlists

fuzzdb — terminal

$ ffuf -w fuzzdb/discovery/predictable.txt -u https://site/FUZZ

What it does

FuzzDB is a curated database of attack payloads, predictable resource names, and response-analysis regexes. It feeds fuzzers and manual testing rather than running on its own.

Source

https://github.com/fuzzdb-project/fuzzdb ↗

More Web Application tools

SQLMapAutomated SQL injection and database takeover.CommixAutomated command-injection exploitation.ffufFast web fuzzer for content and parameter discovery.BeEFBrowser exploitation framework.

Need hosted scanning instead of local tooling?

Run a scan in the browser →