Firefly is an advanced black-box fuzzer designed to detect vulnerabilities in web applications through customizable payloads and intelligent request handling.
Black box fuzzer for web applications
Firefly is used by security researchers and penetration testers to identify security weaknesses in web applications by fuzzing input parameters with a variety of payloads and request types. It is ideal for black-box testing scenarios where internal knowledge of the target is limited, enabling automated discovery of unexpected behaviors and vulnerabilities.
For optimal results, users should leverage the request verifier feature to tailor fuzzing behavior to the target, balancing quality and performance based on hardware capabilities. Payload customization and tampering allow adapting to complex targets but require an understanding of payload effects. Familiarity with the Go environment is necessary for installation. Avoid excessive fuzzing on production systems to prevent unintended disruptions.
Run `go install -v github.com/Brum3ns/firefly/cmd/firefly@latest`
Alternatively, run `go get -v github.com/Brum3ns/firefly/cmd/firefly`
If the above methods fail, clone the repo with `git clone https://github.com/Brum3ns/firefly.git`
Navigate into the directory: `cd firefly/`
Build the binary: `go build cmd/firefly/firefly.go`
Run the tool: `./firefly -h` to verify installation
firefly -h
Displays help information and usage options.
firefly -u 'http://example.com/?query=FUZZ'
Performs a basic fuzzing scan on the specified URL parameter.
firefly -u 'http://example.com/?query=FUZZ' --timeout 7000
Runs fuzzing with a custom timeout of 7000 milliseconds.
firefly -u 'http://example.com/?query=FUZZ' -m GET,POST,PUT -p https,http,ws
Fuzzes the target using multiple HTTP methods and protocols.
echo 'http://example.com/?query=FUZZ' | firefly
Uses pipeline input to fuzz the given URL.
firefly -r '
GET /?query=FUZZ HTTP/1.1
Host: example.com
User-Agent: FireFly'
Fuzzes using a raw HTTP GET request with automatic parameter detection.
firefly -r '
POST /?A=1 HTTP/1.1
Host: example.com
User-Agent: FireFly
X-Host: FUZZ

B=2&C=3' -au replace
Fuzzes using a raw HTTP POST request with advanced parameter replacement.
firefly -u 'http://example.com/?query=FUZZ' -e
Enables request verifier to improve fuzzing quality by analyzing target behavior.
firefly -show-payload
Displays the format of all built-in payloads and exits.
firefly -list-tamper
Lists all available payload tampering options.
firefly -u 'http://example.com/?query=FUZZ' -e s2c
Applies specified tamper(s) to all payloads during fuzzing.
firefly -u 'http://example.com/?query=FUZZ' -e hex
Encodes all payloads in hexadecimal format.
firefly -u 'http://example.com/?query=FUZZ' -e hex,url
Encodes all payloads in hex first, then URL-encodes them.
firefly -u 'http://example.com/?query=FUZZ' -pr '\([0-9]+=[0-9]+\) => (13=(37-24))'
Performs regex-based replacement on payloads according to the specified pattern.
firefly -u 'http://example.com/?query=FUZZ' -fc 302 -fl 0
Filters out responses with status code 302 and zero line count.