Cyber security

Firefly : Revolutionizing Security Testing With Advanced Black-Box Fuzzing

Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage of testing a target with a large number of built-in checks to detect behaviors in the target.

Advantages

  • Hevy use of gorutines and internal hardware for great preformance
  • Built-in engine that handles each task for “x” response results inductively
  • Highly cusomized to handle more complex fuzzing
  • Filter options and request verifications to avoid junk results
  • Friendly error and debug output
  • Build in payloads (default list are mixed with the wordlist from seclists)
  • Payload tampering and encoding functionality

Installation

go install -v github.com/Brum3ns/firefly/cmd/firefly@latest

Usage

Simple

firefly -h
firefly -u 'http://example.com/?query=FUZZ'

Advanced usage

Request

Different types of request input that can be used

Basic

firefly -u 'http://example.com/?query=FUZZ' --timeout 7000

For more information click here.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: cybersecurityFireflyinformationsecuritykalilinuxkalilinuxtools
6 months ago

Recent Posts

garak, LLM Vulnerability Scanner : The Comprehensive Tool For Assessing Language Model Security

garak checks if an LLM can be made to fail in a way we don't…

1 day ago

Vermilion : Mastering Linux Post-Exploitation For Red Team Success

Vermilion is a simple and lightweight CLI tool designed for rapid collection, and optional exfiltration…

1 day ago

AD-CS-Forest-Exploiter : Mastering Security Through PowerShell For AD CS Misconfiguration

ADCFFS is a PowerShell script that can be used to exploit the AD CS container…

1 day ago

Usage Of Tartufo – A Comprehensive Guide To Securing Your Git Repositories

Tartufo will, by default, scan the entire history of a git repository for any text…

1 day ago

Loco : A Rails-Inspired Framework For Rust Developers

Loco is strongly inspired by Rails. If you know Rails and Rust, you'll feel at…

2 days ago

Monolith : The Ultimate Tool For Storing Entire Web Pages As Single HTML Files

A data hoarder’s dream come true: bundle any web page into a single HTML file.…

2 days ago