FFUF New Feature Request

[0xxcharan]

hey there,

can we we ffuf feature where it only give output unique responses only suppose /admin and /test has same size like 329 it should output only unique size either it can be either /admin or /test

[bug-vs-me]

Like if there is more then 4 response with same response size like! Here it's 2. and 30 `` /test. size 2 code 200 /bugvsme size 2 code 200 . . . /xyz size 2 code 200

/Phymyadmin size 5600 code 200

/aaa size 30 code 200 /bbb size 30 code 200 /ccc size 30 code 200 . . . /zzz size 30 code 200

/admin size 4560 code 200 ``

So output should be like

/Phymyadmin size 5600 code 200 /admin size 4560 code 200

ffuf should ignore all multiple duplicates and mark them as duplicate and don't show in results

This can be done by delay in result output so that ffuf can process this

Hope you can understand this

As bug bounty hunter this can be usefull add-on

Thank you

[sk0x1234]

can you not use -fs filter out ?

[joohoi]

On idea level this is really good, but unfortunately implementing it would require too many compromises for other features and behavior of the tool. I'm listing couple of (unsorted) random thoughts about this below:

Tough nuts to crack:

• What is good enough indicator for a duplicate result? Response size? Body / Header hash? What if headers include something simple like server timestamp (would make it unique for each second)
• How to handle long runs. Let's say a run that takes an hour, with 10k+ potential results. The first and last response are duplicates. Should the user wait for an hour before any output?
• Filtering huge datasets will be very resource intense

While reworking the autocalibration feature, I looked into different diff algorithms to determine uniqueness of the responses and battle tested them in a real-life scenario, but unfortunately they were all too slow to get implemented.