wfuzz brute force basic authentication code example
Example 1: find hidden directories and files from a website wfuzz
# Dirb
dirb https://192.168.1.101
# Gobuster - remove relevant responde codes (403 for example)
gobuster -u http://192.168.1.101 -w /usr/share/seclists/Discovery/Web_Content/common.txt -s '200,204,301,302,307,403,500' -e
Example 2: find hidden directories and files from a website wfuzz
wfuzz -c -z file,/root/.ZAP/fuzzers/dirbuster/directory-list-2.3-big.txt --sc 200 http://pegasus.dev:8088/FUZZ.php