wfuzz
wfuzz is the Python-based brute-forcer that slams wordlists into URL params, headers, or POST bodies, uncovering hidden inputs or vulns with recursion and encoding payloads for thorough coverage. Tune with filters like --hc 404 to weed out noise, chaining outputs to tools for deeper probes in your recon chain. Open-source classic from xmendez, it's the wordlist wizard for pentesters templating input blasts into discovery workflows.
ffuf
ffuf is the Go-powered speed demon that fuzzes wordlists against URL positions, vhosts, or extensions, detecting 200s or redirects with auto-calibration for efficient param hunting. Configure recursion and delays via CLI, exporting hits in JSON for scripted follow-ups on promising endpoints. Open-source from ffuf, it's the rapid raider for web explorers wordlisting paths to buried treasures.
dirsearch
dirsearch is the recursive directory fuzzer that deploys wordlists with extensions and status filters to map web structures, spotting param-rich pages or admin panels in the shadows. Run it Python-style on scopes with rate limits, saving results to CSV for post-fuzz prioritization. Open-source from maurosoria, it's the dir diver for recon pros wordlisting hidden directories into visible vectors.
gobuster
gobuster is the multi-mode wordlist slinger for DNS subdomains, vhosts, or URL params, brute-forcing with extensions and status codes to expose forgotten inputs or buckets. Launch modes like dns or vhost on targets, piping to grep for clean sweeps in your toolkit. Open-source from OJ, it's the goblet grinder for pentesters pouring wordlists into param pots.
feroxbuster
feroxbuster is the Rust-forged recursive fuzzer that wordlists directories and params with auto-tuning and recursion, filtering noise for high-fidelity hits on web assets. Customize with extensions and delays via CLI, outputting structured data for chained tools. Open-source from michenriksen, it's the ferox ferret for fuzzers wordlisting paths with precision.
patator
patator is the modular brute-forcer that wordlists inputs for HTTP, SSH, FTP, or SQL auth, templating attacks with plugins for param fuzzing and rate control. Define modules in CLI, feed dicts for multi-vector blasts, and log successes for follow-through. Open-source from lanstair, it's the pattern pounder for pentesters hammering wordlists across protocols.
thc-hydra
thc-hydra is the parallelized login cracker that wordlists credentials against HTTP forms, SSH, or databases, fuzzing params for weak auth or rate-limit bypasses in services. Configure modules for targets, spraying dicts with threads for speed, and capturing successes in files. Open-source from THC, it's the credential cyclone for testers wordlisting inputs into access grants.
dirb
dirb is the classic CGI scanner that wordlists directories and params against web servers, detecting hidden files or inputs with speed and extension support for thorough coverage. Launch via CLI with dicts, filtering by codes for clean outputs in your recon logs. Open-source from The Dark Raver, it's the dir buster for old-school pentesters wordlisting paths the hard way.
ZAP Fuzzer
ZAP Fuzzer is the OWASP extension for wordlist-driven input blasting in payloads, headers, or params, automating fuzz sessions with payloads from files for vuln discovery. Integrate into ZAP's GUI, select sites, and run with custom dicts for targeted mutations. Open-source from OWASP, it's the proxy param pummeler for web fuzzers wordlisting through Burp-like interfaces.
Burp Intruder

