
FFUF Web Fuzzing

Fast web fuzzer for discovering hidden content, directories, files, and vulnerabilities during penetration testing

Author: jthack
Version: 1.0.0
License: MIT
Token count: ~879
Updated: Jun 5, 2026

Install

Quick install

via npx skills · works with 57+ agents
npx skills add https://github.com/jthack/ffuf_claude_skill
Or pick agent:
npx skills add jthack/ffuf_claude_skill --agent claude-code
npx skills add jthack/ffuf_claude_skill --agent cursor
npx skills add jthack/ffuf_claude_skill --agent codex
npx skills add jthack/ffuf_claude_skill --agent opencode
npx skills add jthack/ffuf_claude_skill --agent github-copilot
npx skills add jthack/ffuf_claude_skill --agent windsurf
More install options

Shorthand — useful for multi-skill repos:

npx skills add jthack/ffuf_claude_skill

Manual — clone the repo and drop the folder into your agent's skills directory:

git clone https://github.com/jthack/ffuf_claude_skill.git
cp -r ffuf_claude_skill ~/.claude/skills/
How to use: Once installed, ask your agent to "use the FFUF Web Fuzzing skill" or describe what you want (e.g. "Fast web fuzzer for discovering hidden content, directories, files, and vulnerab"). Requires Node.js 18+.


What is it?
Expert guidance for using ffuf (Fuzz Faster U Fool), a fast web fuzzer designed for discovering hidden content, directories, files, subdomains, and testing for vulnerabilities during penetration testing. Significantly faster than traditional tools like dirb or dirbuster, with a core focus on auto-calibration to dramatically reduce false positives and make results analysis easier for both humans and AI.

How to use it?

The skill emphasizes a best-practices workflow:

* Always Use Auto-Calibration - The -ac flag is mandatory for productive pentesting. It automatically detects and filters repetitive false positives, removes noise from dynamic websites, and adapts to the target's specific behavior.

* Basic Discovery - Start with simple directory fuzzing:

  `ffuf -w wordlist.txt -u https://target.com/FUZZ -ac`

* Authenticated Fuzzing - For complex authentication, use raw requests instead of command-line flags:

  • Capture authenticated request from Burp Suite or DevTools
  • Save to req.txt with FUZZ keyword in desired location
  • Run: ffuf --request req.txt -w wordlist.txt -ac

* Advanced Scenarios - Subdomain enumeration, parameter fuzzing, API endpoint discovery, and vulnerability testing with appropriate filtering and rate limiting.

Always save results (-o results.json -of json) and use rate limiting for stealth (-rate 2 -t 10).
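As an added example (not part of the skill or the ffuf project), the script below triages a saved results.json by grouping responses that share the same status, size, word and line counts, which is the kind of repetitive response auto-calibration is meant to filter. It assumes the ffuf JSON layout of a top-level results array whose entries carry input, status, length, words, lines and url; the sample data and function names are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample in the shape of `ffuf ... -o results.json -of json` output,
# trimmed to the fields used below. Not real scan data.
SAMPLE = json.dumps({
    "commandline": "ffuf -w wordlist.txt -u https://target.com/FUZZ -ac -o results.json -of json",
    "results": [
        {"input": {"FUZZ": "admin"}, "status": 301, "length": 178, "words": 6, "lines": 8, "url": "https://target.com/admin"},
        {"input": {"FUZZ": "login"}, "status": 200, "length": 4521, "words": 310, "lines": 97, "url": "https://target.com/login"},
        {"input": {"FUZZ": "backup"}, "status": 403, "length": 153, "words": 3, "lines": 8, "url": "https://target.com/backup"},
        {"input": {"FUZZ": "foo"}, "status": 200, "length": 9120, "words": 512, "lines": 140, "url": "https://target.com/foo"},
        {"input": {"FUZZ": "bar"}, "status": 200, "length": 9120, "words": 512, "lines": 140, "url": "https://target.com/bar"},
        {"input": {"FUZZ": "baz"}, "status": 200, "length": 9120, "words": 512, "lines": 140, "url": "https://target.com/baz"},
        {"input": {"FUZZ": "api"}, "status": 200, "length": 64, "words": 2, "lines": 1, "url": "https://target.com/api"},
    ],
})

def triage(report_text, repeat_threshold=3):
    """Split ffuf results into distinct hits and repeated-response noise."""
    results = json.loads(report_text).get("results") or []
    groups = defaultdict(list)
    for r in results:
        # Identical status/size/words/lines usually means one catch-all template.
        groups[(r["status"], r["length"], r["words"], r["lines"])].append(r)
    hits, noise = [], {}
    for sig, members in groups.items():
        if len(members) >= repeat_threshold:
            noise[sig] = sorted(m["input"]["FUZZ"] for m in members)
        else:
            hits.extend(members)
    hits.sort(key=lambda r: (r["status"], r["url"]))
    return hits, noise

def report(report_text):
    """Render hits first, then one summary line per noisy response signature."""
    hits, noise = triage(report_text)
    out = [f'{r["status"]} {r["length"]:>6}B {r["url"]}' for r in hits]
    for (status, length, _words, _lines), inputs in noise.items():
        # A repeated size is a candidate for ffuf's size filter on the next run.
        out.append(f"noise: {len(inputs)} x status={status} size={length} (candidate -fs {length})")
    return out

if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
```
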

Key Features

  • Auto-calibration (-ac flag) - Automatically filters repetitive responses and adapts to target behavior
  • High-speed fuzzing - Multi-threaded concurrent processing, significantly faster than dirb/dirbuster
  • Authenticated fuzzing with raw requests - Supports JWT tokens, session cookies, CSRF tokens via captured HTTP requests
  • Comprehensive testing capabilities - Directory/file discovery, subdomain enumeration, parameter fuzzing, API endpoints, vulnerability testing
  • Advanced filtering system - Filter by status code, size, regex, line count; interactive mode for runtime adjustments
  • Stealth features - Rate limiting and thread control for avoiding detection
  • Result preservation - JSON output format for programmatic analysis and reporting
  • Defensive security focus - Designed for authorized penetration testing, security research, and responsible disclosure

Categories

Security, Developer Tools

Tags

security, fuzzing, penetration-testing, web-security, vulnerability-scanning

Features

💻 Code Execution

---

Source: https://github.com/jthack/ffuf_claude_skill
Author: jthack
License: https://opensource.org/licenses/MIT
GitHub Stars: 150
Tags: security, fuzzing, penetration-testing, web-security, vulnerability-scanning
