FFUF Claude Skill

Integrates the ffuf web fuzzer for web security testing and reconnaissance. Discover hidden directories, files, subdomains, and API endpoints with intelligent fuzzing.

Who this is for: Security professionals and developers who need to perform authorized web security testing, directory enumeration, and vulnerability discovery using the ffuf web fuzzer.

What This Skill Does

Integrates the ffuf (Fuzz Faster U Fool) web fuzzer for intelligent web security testing and reconnaissance tasks, enabling Claude to perform directory discovery, subdomain enumeration, and API endpoint finding.

Core Capabilities

  • Intelligent Fuzzing — Claude interprets testing goals and configures ffuf appropriately
  • Result Analysis — Automatic filtering and analysis of ffuf output
  • Safe Defaults — Includes rate limiting and sensible defaults to avoid aggressive testing
  • Wordlist Management — Helps select appropriate wordlists for different scenarios
  • Multiple Target Types — Directories, files, subdomains, API endpoints, parameters
  • Output Filtering — Filter by status code, size, words, lines for precise results

Usage

Directory Discovery

Fuzz the /api endpoint on example.com for hidden paths
Find common directories on https://example.com

Subdomain Enumeration

Enumerate subdomains for target.com

API Endpoint Discovery

Find API endpoints on api.example.com

File Discovery

Test for backup files on the /admin path
Find configuration files on the target

Example Output

User: "Find common directories on https://example.com"

Output:

```markdown
## FFUF Scan Results

Target: https://example.com/FUZZ
Wordlist: /usr/share/wordlists/dirb/common.txt
Threads: 40

### Discovered Directories (Status 200)

| Path | Status | Size | Words |
|------|--------|------|-------|
| /admin | 200 | 1.2K | 45 |
| /api | 200 | 890B | 32 |
| /images | 200 | 2.1K | 12 |
| /static | 200 | 1.5K | 8 |

### Filtered Results
- Total requests: 4614
- Valid results: 4
- Filtered out: 4610 (by size/words)

Summary: 4 directories discovered with valid content.
```

Prerequisites

Install ffuf

macOS:

```bash
brew install ffuf
```

Linux:

```bash
go install github.com/ffuf/ffuf/v2@latest
```

Verify installation (ffuf prints its version with the `-V` flag):

```bash
ffuf -V
```

Installation

```bash
# Clone repository
git clone https://github.com/jthack/ffuf_claude_skill

# Copy to skills directory
mkdir -p ~/.claude/skills
cp -r ffuf_claude_skill/ffuf-skill ~/.claude/skills/
```

Safety & Ethics

IMPORTANT: This skill is for defensive security purposes only.

| Do | Don't |
|----|-------|
| Test systems you own | Test without permission |
| Respect rate limits | Cause service disruption |
| Follow responsible disclosure | Ignore applicable laws |
| Use for authorized testing | Use for malicious purposes |

Unauthorized testing of systems is illegal and unethical.

Common Use Cases

| Task | Example Command |
|------|-----------------|
| Directory Fuzzing | `ffuf -u https://target.com/FUZZ -w wordlist.txt` |
| Subdomain Enum | `ffuf -u https://FUZZ.target.com -w subdomains.txt` |
| Parameter Fuzzing | `ffuf -u https://target.com/page?param=FUZZ -w params.txt` |
| Vhost Discovery | `ffuf -u https://target.com -H "Host: FUZZ" -w vhosts.txt` |
| Extension Fuzzing | `ffuf -u https://target.com/FUZZ -w wordlist.txt -e .php,.asp,.aspx` |

Output Options

| Flag | Description |
|------|-------------|
| `-json` | Newline-delimited JSON records on stdout, convenient for parsing |
| `-of csv` | Write the report in CSV format (ffuf selects the file format with `-of`) |
| `-of html` | Write the report in HTML format |
| `-o output.txt` | Save the report to a file (combine with `-of` to choose its format) |
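The result analysis described under Core Capabilities and shown in Example Output, as an added example that is not part of the skill or of ffuf: it reads a report saved with `-of json -o out.json`, keeps one status code, drops the most common (status, size, words) signature the way ffuf's auto-calibration does, and renders the same table as the Example Output section. The JSON field names and the sample values are assumptions constructed for this example.

```python
import json
from collections import Counter

# Constructed sample in the shape of ffuf's `-of json` report (field names
# assumed to match ffuf's JSON writer; values are made up for this example).
SAMPLE_FFUF_JSON = json.dumps({
    "commandline": "ffuf -u https://example.com/FUZZ -w common.txt -of json -o out.json",
    "results": [
        {"input": {"FUZZ": "admin"}, "status": 200, "length": 1234, "words": 45, "lines": 30},
        {"input": {"FUZZ": "api"},   "status": 200, "length": 890,  "words": 32, "lines": 20},
        {"input": {"FUZZ": "foo"},   "status": 200, "length": 512,  "words": 7,  "lines": 3},
        {"input": {"FUZZ": "bar"},   "status": 200, "length": 512,  "words": 7,  "lines": 3},
        {"input": {"FUZZ": "baz"},   "status": 200, "length": 512,  "words": 7,  "lines": 3},
        {"input": {"FUZZ": "old"},   "status": 404, "length": 512,  "words": 7,  "lines": 3},
    ],
})

def signature(r):
    # The triple ffuf's filters operate on: status (-fc), size (-fs), words (-fw).
    return (r["status"], r["length"], r["words"])

def summarize(ffuf_json, keep_status=(200,), drop_noise=True):
    """Filter ffuf JSON results and return what survives.

    keep_status plays the role of -mc. drop_noise mimics auto-calibration (-ac):
    if two or more kept hits share one signature, that signature is taken to be a
    catch-all / soft-404 page and every hit carrying it is dropped. Distinct pages
    of identical size and word count would be dropped too, so check the filtered count.
    """
    results = json.loads(ffuf_json).get("results", [])
    hits = [r for r in results if r["status"] in keep_status]
    if drop_noise and hits:
        common, count = Counter(signature(r) for r in hits).most_common(1)[0]
        if count >= 2:
            hits = [r for r in hits if signature(r) != common]
    return {"in_file": len(results), "kept": hits, "filtered": len(results) - len(hits)}

def render_markdown(summary):
    # Same table layout as the "Example Output" section of this README.
    rows = ["| Path | Status | Size | Words |", "|------|--------|------|-------|"]
    for r in summary["kept"]:
        rows.append(f"| /{r['input']['FUZZ']} | {r['status']} | {r['length']}B | {r['words']} |")
    rows.append("")
    rows.append(f"Results in file: {summary['in_file']}, valid: {len(summary['kept'])}, "
                f"filtered out: {summary['filtered']}")
    return "\n".join(rows)

if __name__ == "__main__":
    print(render_markdown(summarize(SAMPLE_FFUF_JSON)))
```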

Filtering Options

| Flag | Description |
|------|-------------|
| `-fc 404` | Filter out responses with status 404 |
| `-fs 1234` | Filter out responses whose size is 1234 bytes |
| `-fw 100` | Filter out responses with 100 words |
| `-fl 50` | Filter out responses with 50 lines |

  • Web application security assessments
  • Bug bounty reconnaissance
  • Penetration testing engagements
  • Security audit preparation
  • Attack surface discovery
  • API endpoint enumeration
  • Hidden resource discovery