By default, feroxbuster scans as an unauthenticated guest. If you provide a session cookie, the tool can:
feroxbuster -u https://example.com/admin -b "auth_token=xyz" -C 404,403 feroxbuster cookie
This method attaches the cookie string to every request sent by the scanner. By default, feroxbuster scans as an unauthenticated guest
Mastering Feroxbuster Cookie Authentication for Authenticated Web Content Discovery feroxbuster cookie
Alternatively, use the --cookie flag for a cleaner syntax if you are only passing standard cookie values.
If the application requires multiple cookies (e.g., a session ID and a security token), you can separate them with a semicolon ; .
By default, feroxbuster scans as an unauthenticated guest. If you provide a session cookie, the tool can:
feroxbuster -u https://example.com/admin -b "auth_token=xyz" -C 404,403
This method attaches the cookie string to every request sent by the scanner.
Mastering Feroxbuster Cookie Authentication for Authenticated Web Content Discovery
Alternatively, use the --cookie flag for a cleaner syntax if you are only passing standard cookie values.
If the application requires multiple cookies (e.g., a session ID and a security token), you can separate them with a semicolon ; .