VAF – Fast and Advance Fuzzer Tool in Kali Linux
In this article, we are going to see the VAF tools, which is used to automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program and detect the bug.
URL Fuzzing is the art of finding hidden files and directories on the target domain server. These files and directories can have sensitive data and information that can reveal the application’s internal architecture. Doing this fuzzing task in an automated way makes it a more straightforward and time saver process for every penetration tester. VAF is the computerized tool used to fuzz the files and directories from the target domain. VAF tool is open-source and free to use. We can filter out our results by excluding specific status codes and including only the essential extensions of files like .php, .html.
Installation of VAF Tool on Kali Linux
Step 1: Open up your Kali Linux terminal and move to Desktop using the following command.
cd Desktop
Step 2: You are on Desktop now create a new directory called VAF using the following command. In this directory, we will complete the installation of the VAF tool.
mkdir VAF
Step 3: Now switch to the VAF directory using the following command.
cd VAF
Step 4: Now you have to install the tool. You have to clone the tool from GitHub.
git clone https://github.com/d4rckh/vaf.git
Step 5: The tool has been downloaded successfully in the VAF directory. Now list out the contents of the tool by using the below command.
ls
Step 6: You can observe that there is a new directory created of the VAF tool that has been generated while we were installing the tool. Now move to that directory using the below command:
cd vaf
Step 7: Once again to discover the contents of the tool, use the below command.
ls
Step 8: Run the Bash Script using the following command.
./vaf_linux_amd64 -h
Working with Vaf Tool on Kali Linux
Example 1: Simple Fuzz
In this example, We will be fuzzing files and directories from the target domain testphp.vulnweb.com. We have specified the target domain in the -u tag and specified the wordlist of possible files and directories phrases in the -w tag.
./vaf_linux_amd64 -u http://testphp.vulnweb.com/[] -w /usr/share/wordlists/dirb/common.txt
In the below Screenshot, We have got the results or the directories and files hosted on the target domain server.
Example 2: Specific Response Code
In this example, We will be fuzzing the directories and files with all the status code responses. We have used -sc tag to use all status codes.
./vaf_linux_amd64 -u http://testphp.vulnweb.com/[ ] -sc any -w /usr/share/wordlists/dirb/common.txt
In the below Screenshot, We have got the results of various status codes like 200, 404.
Example 3: Specific Extension Files
In this example, We will be fuzzing directories and files with a specific extension like PHP, HTML. We have used -sf tag to specify the extensions.
./vaf_linux_amd64 -u http://testphp.vulnweb.com/[] -w /usr/share/wordlists/dirb/common.txt -sf .php,.html
In the below Screenshot, We have got the results which are only the files that have the extension of .php, .html.
Example 4: Print URL
In this example, We will be displaying the full URL of identified files and directories.
./vaf_linux_amd64 -u http://testphp.vulnweb.com/[] -w /usr/share/wordlists/dirb/common.txt -sf .php,.html -pu
In the below Screenshot, We have got the full URL of identified files and directories.
In the below Screenshot, We are actually visiting the URL which contains file 404.php.