All of these three things fall in the same general idea; you're shoving forced input into something, usually in an automated way, to achieve some form of outcome. They're used for different things though.
Most commonly used in application testing. Fuzzing takes a variety of input and feeds it into various pieces of logic, usually where users will have the option to provide input, with random or unexpected input. The goal is to uncover behavior you wouldn't expect. You might fuzz for SQLi (SQL Injection) with various SQL statements (think sqlmap, the tool) or you might feed it non-English characters, punctuation, and more. You're basically trying to break your system or ensure that your logic doesn't break when someone puts in an extra ' or ".
Fuzzing on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.
Enumeration is the act of, well, enumerating objects. You can enumerate anything. File types, file names, website subdomains, paths, etc etc etc. Commonly enumeration is used in Web Application testing or Capture-The-Flag/HackTheBox type events where you want to uncover hidden directories in a URL, enumerate the types of software installed on a machine, or simply to understand the directory and what exists on the machine as a whole. Other times, in the case of a penetration test, you might want to enumerate valid usernames to try and brute force the passwords
Enumeration is defined as the process of extracting user names, machine names, network resources, shares and services from a system.
Well, brute-forcing is generally mentioned in terms of password cracking- but really the concept can be applied to both fuzzing and enumeration. You're simply taking some type of input, usually stored in the form of a text file full of passwords, naughty SQLi, naughty punctuations, common URLs, usernames, wordlist, etc etc. So long as you're simply "guessing" multiple times until you get the answer. Think of a padlock with 4 numbers on it. You have 0000 - 9999. If you started with 0000...0001...0002...0003..so on, you're brute-forcing the lock. Modern brute-forcing usually involves automated tools.
A brute force attack (also known as brute force cracking) is is the cyberattack equivalent of trying every key on your key ring, and eventually finding the right one. The most basic brute force attack is a dictionary attack, where the attacker works through a dictionary of possible passwords and...