wfuzz Size Exploration - Ariekei [HackTheBox]
I was using wfuzz to scan for virtual hosts on Ariekei from HackTheBox, and one of the subdomains that I knew existed wasn't showing up. I'll do some quick troubleshooting, and learn a valuable lesson about how wfuzz (and other tools) measure size. I'll run a short wordlist through Burp Proxy to look at what's going on, and come to the conclusion that wfuzz (and other tools) doesn't look at HTTP headers when calculating size.
[00:00] Introduction
[00:30] Original wfuzz command
[01:20] Using test list to troubleshoot beehive
[01:40] Using Burp to look at requests
[03:15] Conclusion - wfuzz doesn't look at headers when calculating length
Watch video wfuzz Size Exploration - Ariekei [HackTheBox] online without registration, duration hours minute second in high quality. This video was added by user 0xdf 20 April 2022, don't forget to share it with your friends and acquaintances, it has been viewed on our site 692 once and liked it 52 people.