FFUF aka Fuzz Faster U Fool is a tool used for fuzzing directories, subdomains, vhosts, and POST data bruteforcing written in Go. It is generally very fast, provided your internet can handle it.
I normally only use it for subdomain discovery, so this is what I will focus the usage on.
Again, FFUF is a really complete tool for fuzzing and listing all usages would be infinite. Instead, I will focus on subdomain discovery commands.
ffuf -w subdomains.txt -u http://website.com/ -H "Host: FUZZ.website.com"
ffuf -w sublists.txt -u http://website.com/ -H "Host: FUZZ.website.com" -fw 3913
ffuf -w sublists.txt -u http://website.com/ -H "Host: FUZZ.website.com" -fc 401
/'___\ /'___\ /'___\
/\ \__/ /\ \__/ __ __ /\ \__/
\ \ ,__\\ \ ,__\/\ \/\ \ \ \ ,__\
\ \ \_/ \ \ \_/\ \ \_\ \ \ \ \_/
\ \_\ \ \_\ \ \____/ \ \_\
\/_/ \/_/ \/___/ \/_/
v1.3.1
________________________________________________
:: Method : GET
:: URL : https://ffuf.io.fi/
:: Wordlist : FUZZ: /home/max/Subdomain.txt
:: Header : Host: FUZZ
:: Follow redirects : false
:: Calibration : false
:: Timeout : 10
:: Threads : 40
:: Matcher : Response status: 200,204,301,302,307,401,403,405
________________________________________________
news [Status: 200, Size: 16, Words: 1, Lines: 4]
admin [Status: 200, Size: 16, Words: 1, Lines: 4]
newsletter [Status: 200, Size: 16, Words: 1, Lines: 4]
search [Status: 200, Size: 16, Words: 1, Lines: 4]
mobile [Status: 200, Size: 16, Words: 1, Lines: 4]
ns3 [Status: 200, Size: 16, Words: 1, Lines: 4]
mail [Status: 200, Size: 16, Words: 1, Lines: 4]
api [Status: 200, Size: 16, Words: 1, Lines: 4]
ns1 [Status: 200, Size: 16, Words: 1, Lines: 4]
dns2 [Status: 200, Size: 16, Words: 1, Lines: 4]