directory-bruteforce on Astroicers Bloghttps://astroicers.link/tags/directory-bruteforce.htmlRecent content in directory-bruteforce on Astroicers BlogHugo -- gohugo.ioenWed, 18 Mar 2026 00:00:00 +0000ffuf 網頁 Fuzzing 工具https://astroicers.link/p/ffuf-%E7%B6%B2%E9%A0%81-fuzzing-%E5%B7%A5%E5%85%B7.htmlWed, 18 Mar 2026 00:00:00 +0000https://astroicers.link/p/ffuf-%E7%B6%B2%E9%A0%81-fuzzing-%E5%B7%A5%E5%85%B7.html<h2 id="專案簡介">專案簡介</h2> <p><a class="link" href="https://github.com/ffuf/ffuf" target="_blank" rel="noopener" >ffuf</a> 是一個用 Go 語言編寫的高效能網頁 Fuzzer。支援目錄掃描、參數 Fuzzing、虛擬主機探測等多種模式,是取代 dirb、gobuster 的現代化工具。</p> <p><strong>GitHub Stars</strong>: 15K+</p> <h2 id="主要功能">主要功能</h2> <ul> <li><strong>高效能</strong> - Go 語言開發,支援高並發</li> <li><strong>多模式</strong> - 目錄、參數、Header Fuzzing</li> <li><strong>過濾強大</strong> - 依狀態碼、大小、字數過濾</li> <li><strong>輸出豐富</strong> - JSON、CSV、HTML 報告</li> <li><strong>管道友善</strong> - 易於自動化整合</li> </ul> <h2 id="安裝">安裝</h2> <h3 id="go-install">Go Install</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">go install github.com/ffuf/ffuf/v2@latest </span></span></code></pre></td></tr></table> </div> </div><h3 id="homebrew">Homebrew</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">brew install ffuf </span></span></code></pre></td></tr></table> </div> </div><h3 id="kali-linux">Kali Linux</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">sudo apt install ffuf </span></span></code></pre></td></tr></table> </div> </div><h2 id="基本使用">基本使用</h2> <h3 id="目錄掃描">目錄掃描</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w /usr/share/seclists/Discovery/Web-Content/common.txt </span></span></code></pre></td></tr></table> </div> </div><h3 id="指定副檔名">指定副檔名</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -e .php,.html,.js,.txt </span></span></code></pre></td></tr></table> </div> </div><h3 id="遞迴掃描">遞迴掃描</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -recursion -recursion-depth <span class="m">2</span> </span></span></code></pre></td></tr></table> </div> </div><h2 id="過濾與匹配">過濾與匹配</h2> <h3 id="狀態碼過濾">狀態碼過濾</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 只顯示 200, 301, 302</span> </span></span><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -mc 200,301,302 </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 過濾 404</span> </span></span><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -fc <span class="m">404</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="大小過濾">大小過濾</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 過濾特定大小</span> </span></span><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -fs <span class="m">1234</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 過濾大小範圍</span> </span></span><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -fs 0-100 </span></span></code></pre></td></tr></table> </div> </div><h3 id="字數過濾">字數過濾</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -fw <span class="m">10</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="正則過濾">正則過濾</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -fr <span class="s2">&#34;not found|error&#34;</span> </span></span></code></pre></td></tr></table> </div> </div><h2 id="進階用法">進階用法</h2> <h3 id="參數-fuzzing">參數 Fuzzing</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># GET 參數</span> </span></span><span class="line"><span class="cl">ffuf -u <span class="s2">&#34;https://target.com/page?FUZZ=value&#34;</span> -w params.txt </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 參數值</span> </span></span><span class="line"><span class="cl">ffuf -u <span class="s2">&#34;https://target.com/page?id=FUZZ&#34;</span> -w values.txt </span></span></code></pre></td></tr></table> </div> </div><h3 id="post-資料">POST 資料</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/login <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -X POST <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -d <span class="s2">&#34;username=admin&amp;password=FUZZ&#34;</span> <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -w passwords.txt <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -fc <span class="m">401</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="header-fuzzing">Header Fuzzing</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/ <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -H <span class="s2">&#34;X-Custom-Header: FUZZ&#34;</span> <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -w headers.txt </span></span></code></pre></td></tr></table> </div> </div><h3 id="虛擬主機探測">虛擬主機探測</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/ <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -H <span class="s2">&#34;Host: FUZZ.target.com&#34;</span> <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -w subdomains.txt <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -fs <span class="m">0</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="多關鍵字">多關鍵字</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ1/FUZZ2 <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -w users.txt:FUZZ1 <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -w ids.txt:FUZZ2 <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -mode clusterbomb </span></span></code></pre></td></tr></table> </div> </div><h2 id="效能調整">效能調整</h2> <h3 id="並發與速率">並發與速率</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span><span class="lnt">6 </span><span class="lnt">7 </span><span class="lnt">8 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 設定執行緒數</span> </span></span><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -t <span class="m">100</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 請求延遲(毫秒)</span> </span></span><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -p 0.1 </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 每秒請求數</span> </span></span><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -rate <span class="m">100</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="超時設定">超時設定</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -timeout <span class="m">10</span> </span></span></code></pre></td></tr></table> </div> </div><h2 id="輸出格式">輸出格式</h2> <h3 id="json-輸出">JSON 輸出</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -o results.json -of json </span></span></code></pre></td></tr></table> </div> </div><h3 id="csv-輸出">CSV 輸出</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -o results.csv -of csv </span></span></code></pre></td></tr></table> </div> </div><h3 id="html-報告">HTML 報告</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -o results.html -of html </span></span></code></pre></td></tr></table> </div> </div><h2 id="設定檔">設定檔</h2> <h3 id="ffufrc">~/.ffufrc</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-ini" data-lang="ini"><span class="line"><span class="cl"><span class="k">[http]</span> </span></span><span class="line"><span class="cl"><span class="na">timeout</span> <span class="o">=</span> <span class="s">10</span> </span></span><span class="line"><span class="cl"><span class="na">method</span> <span class="o">=</span> <span class="s">GET</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">[general]</span> </span></span><span class="line"><span class="cl"><span class="na">threads</span> <span class="o">=</span> <span class="s">50</span> </span></span><span class="line"><span class="cl"><span class="na">rate</span> <span class="o">=</span> <span class="s">0</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">[input]</span> </span></span><span class="line"><span class="cl"><span class="na">wordlist</span> <span class="o">=</span> <span class="s">/usr/share/seclists/Discovery/Web-Content/raft-medium-directories.txt</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">[output]</span> </span></span><span class="line"><span class="cl"><span class="na">format</span> <span class="o">=</span> <span class="s">json</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">[matcher]</span> </span></span><span class="line"><span class="cl"><span class="na">status</span> <span class="o">=</span> <span class="s">200,204,301,302,307,401,403,405</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="使用設定檔">使用設定檔</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -config ~/.ffufrc -u https://target.com/FUZZ </span></span></code></pre></td></tr></table> </div> </div><h2 id="實戰範例">實戰範例</h2> <h3 id="api-端點探測">API 端點探測</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://api.target.com/v1/FUZZ <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -w /usr/share/seclists/Discovery/Web-Content/api/api-endpoints.txt <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -mc 200,201,204 <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -H <span class="s2">&#34;Authorization: Bearer token&#34;</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="敏感檔案尋找">敏感檔案尋找</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -w /usr/share/seclists/Discovery/Web-Content/quickhits.txt <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -mc 200,403 </span></span></code></pre></td></tr></table> </div> </div><h3 id="備份檔案探測">備份檔案探測</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -w /usr/share/seclists/Discovery/Web-Content/Common-Backups/common-backup-files.txt <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -e .bak,.old,.backup,.zip,.tar.gz </span></span></code></pre></td></tr></table> </div> </div><h3 id="子域名接管檢測">子域名接管檢測</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u http://FUZZ.target.com <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -w subdomains.txt <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -H <span class="s2">&#34;Host: FUZZ.target.com&#34;</span> <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> -mr <span class="s2">&#34;not found|NXDOMAIN|unclaimed&#34;</span> </span></span></code></pre></td></tr></table> </div> </div><h2 id="與其他工具整合">與其他工具整合</h2> <h3 id="搭配-subfinder">搭配 Subfinder</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">subfinder -d target.com -silent <span class="p">|</span> <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> sed <span class="s1">&#39;s/$/.target.com/&#39;</span> <span class="p">|</span> <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span> ffuf -u http://FUZZ -w - -mc <span class="m">200</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="搭配-httpx">搭配 httpx</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -o results.json -of json </span></span><span class="line"><span class="cl">cat results.json <span class="p">|</span> jq -r <span class="s1">&#39;.results[].url&#39;</span> <span class="p">|</span> httpx -title -tech-detect </span></span></code></pre></td></tr></table> </div> </div><h3 id="搭配-nuclei">搭配 Nuclei</h3> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -u https://target.com/FUZZ -w wordlist.txt -mc <span class="m">200</span> -o urls.txt -of csv </span></span><span class="line"><span class="cl">nuclei -l urls.txt -t exposures/ </span></span></code></pre></td></tr></table> </div> </div><h2 id="相關連結">相關連結</h2> <ul> <li><a class="link" href="https://github.com/ffuf/ffuf" target="_blank" rel="noopener" >GitHub Repository</a></li> <li><a class="link" href="https://github.com/danielmiessler/SecLists" target="_blank" rel="noopener" >SecLists</a></li> </ul> <h2 id="延伸閱讀">延伸閱讀</h2> <ul> <li><a class="link" href="https://astroicers.link/p/seclists-pentest-wordlists/" >SecLists 滲透測試字典</a></li> <li><a class="link" href="https://astroicers.link/p/nuclei-vulnerability-scanner/" >Nuclei 漏洞掃描工具</a></li> <li><a class="link" href="https://astroicers.link/p/subfinder-subdomain-enumeration/" >Subfinder 子域名列舉工具</a></li> </ul>