In this video, I walk through the "filtering results" exercise in the FFUF HTB Academy module.
The link below helps explain how virtual hosts work. As a quick summary, you can run several websites on the same server. So in order to locate those extra websites or domains, we need to do virtual host fuzzing.
When a webserver receives a request, it looks for the hostname in the HTTP header, and depending on the hostname, it serves different websites. So when we're fuzzing for those different websites/domains, we're using that common subdomain wordlist and see which ones return results. This means we need to filter the results that we get initially when we run our first ffuf command that you will see in the video.
www.thegeekstu...
4 окт 2024