这是indexloc提供的服务,不要输入任何密码
Skip to content

Add -unique flag for filtering duplicate response sizes #822

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Add -unique flag for filtering duplicate response sizes #822

wants to merge 6 commits into from

Conversation

h0tak88r
Copy link

@h0tak88r h0tak88r commented Dec 4, 2024
edited
Loading

Add -unique flag for filtering duplicate response sizes

Description

This PR adds a new -unique flag to ffuf that filters out responses with duplicate sizes, showing only the first occurrence of each unique response size. This feature helps reduce noise in the output and makes it easier to identify distinct responses during fuzzing.

Features

  • New command line flag: -unique
  • When enabled, only shows the first occurrence of responses with the same size
  • Integrated with both normal and JSON output modes
  • Thread-safe implementation for concurrent fuzzing

Implementation Details

  • Added UniqueSizeFilter to handle response size filtering
  • Integrated with existing output system to maintain compatibility
  • Thread-safe using mutex to handle concurrent requests
  • Zero performance impact when feature is disabled

Use Case

When fuzzing endpoints, responses with the same size often indicate similar or identical content. By showing only unique sizes, users can more easily identify distinct responses that might indicate successful fuzzing attempts.

Example usage:

ffuf -w wordlist.txt -u https://target/FUZZ -unique

Testing

  • Tested with concurrent requests to ensure thread safety
  • Verified behavior with both normal and JSON output modes
  • Confirmed zero impact on performance when disabled
  • Tested with various response sizes and content types

Documentation

  • Added help text and usage information
  • Updated README with new flag description
  • This PR description highlights the key aspects of the feature, its implementation, and testing, making it clear to reviewers what the change does and why it's valuable.
  • Would you like me to help you refine any part of this PR description or provide more specific technical details about the implementation?

h0tak88r added 6 commits December 4, 2024 18:51
new flag for unique results
c914aa8
Fix module path in go.mod
8f76a58
fixed the issue in go.mod
68876a0
docs: update README with unique flag feature and fork information
e4762f7
Fix -unique flag to show first URL for each response size
cb54545 
Previously, the -unique flag would filter out all URLs with duplicate
response sizes, showing no results when all responses had the same size.
Now it keeps the first URL encountered for each unique response size,
ensuring at least one example is shown for each size.
Bump version to 2.1.1
dff8c53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@h0tak88r