From 244adf4116f01f17f341e177cc928e544a1b38fd Mon Sep 17 00:00:00 2001 From: Alexandre ZANNI <16578570+noraj@users.noreply.github.com> Date: Tue, 26 Jul 2022 19:19:40 +0200 Subject: [PATCH] add 2 snippers for HTTP basic auth --- README.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/README.md b/README.md index a179b19..c8d2989 100644 --- a/README.md +++ b/README.md @@ -7,12 +7,29 @@ A collection of scripts that enable different kinds of payloads to be used with A script that generates base64 encoded combinations of username:password values in the provided wordlists. Iterates through every possible combination. #### Example usage + Test each HTTP basic authentication username:password combination in https://example.org/endpoint, and filter out 403 - Forbidden responses. ``` ./ffuf_basicauth.sh usernames.txt passwords.txt |ffuf -w -:AUTH -u https://example.org/endpoint -H "Authorization: Basic AUTH" -fc 403 -c ``` +### Cook - HTTP Basic authentication + +Test each HTTP basic authentication username:password combination in https://example.org/endpoint, and filter out 403 - Forbidden responses. + +``` +cook fz-http_default_users.txt : fz-http_default_pass.txt -m b64e | ffuf -u https://example.org/endpoint -w -:AUTH -H "Authorization: Basic AUTH" -fc 403 +``` + +### fuff only - HTTP Basic authentication + +Test each HTTP basic authentication username:password combination in https://example.org/endpoint, and filter out 403 - Forbidden responses. + +``` +ffuf -u https://USER:PASS@example.org/endpoint -w /usr/share/fuzzdb/wordlists-user-passwd/generic-listpairs/http_default_users.txt:USER -w /usr/share/fuzzdb/wordlists-user-passwd/generic-listpairs/http_default_pass.txt:PASS -fc 403 +``` + ## Contributing We welcome any and all contributions. Please see `ffuf_basicauth.sh` for the preferred script header format for usage examples and author information.
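Review bot: The heading of the last added section, `### fuff only - HTTP Basic authentication`, misspells the tool name; it should read `### ffuf only - HTTP Basic authentication` (the subject line has a similar typo, "snippers" for "snippets"). In that same section the credentials are placed in the URL as `https://USER:PASS@example.org/endpoint`, so a wordlist entry containing `@`, `:`, `/` or `#` changes how the URL is parsed, which the two base64-based variants avoid; a one-line note on that limitation would help readers choose between them. The Cook example uses `fz-http_default_users.txt` and `fz-http_default_pass.txt` without saying where those names come from, while the ffuf-only example spells out full `/usr/share/fuzzdb/...` paths; state whether the Cook names are local files or resolved by Cook. All three sections repeat the same description sentence verbatim, so each new one could instead say what distinguishes its approach. The two new `###` headings are also followed directly by a command, whereas the existing section puts its command under `#### Example usage`; following that layout would keep the README consistent.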