To fuzz the URI path, let's execute the following command:

./ffuf -c -w <wordlist> -u <url>/FUZZ

The following screenshot shows the output of the preceding command:

In both of the preceding cases, the FUZZ keyword is replaced with the wordlist entries that are used for fuzzing the directory names. As we can see in the preceding screenshot, the server responded with HTTP 301 when the fuzzer requested css, img, js, and setup. Observing the size of the response and the words, we can conclude that the fuzzer was able to find directories in the web application server.