A Claude Code skill that integrates the powerful web fuzzer ffuf (Fuzz Faster U Fool) for web security testing and reconnaissance tasks. This skill enables Claude Code to perform intelligent web fuzzing operations using ffuf, making it easier to discover hidden directories, files, subdomains, and API endpoints. - ffuf must be installed on your system - Claude Desktop application - Appropriate auth
Add this skill
npx mdskills install jthack/ffuf-claude-skillProvides no actionable instructions or practical guidance for using ffuf
1# FFUF Skill for Claude Code23A Claude Code skill that integrates the powerful web fuzzer [ffuf](https://github.com/ffuf/ffuf) (Fuzz Faster U Fool) for web security testing and reconnaissance tasks.45## Overview67This skill enables Claude Code to perform intelligent web fuzzing operations using ffuf, making it easier to discover hidden directories, files, subdomains, and API endpoints.89## Prerequisites1011- [ffuf](https://github.com/ffuf/ffuf) must be installed on your system12- Claude Desktop application13- Appropriate authorization to test target systems1415### Installing ffuf1617**macOS:**18```bash19brew install ffuf20```2122**Linux:**23```bash24go install github.com/ffuf/ffuf/v2@latest25```2627**Other methods:** See the [official ffuf repository](https://github.com/ffuf/ffuf)2829## Installation30311. Clone this repository:32```bash33git clone https://github.com/jthack/ffuf_claude_skill34```35362. Copy the skill folder to Claude Code's skills directory:37```bash38mkdir -p ~/.claude/skills39cp -r ffuf_claude_skill/ffuf-skill ~/.claude/skills/40```41423. The skill is now available for Claude Code to use!4344## Usage4546Once installed, you can ask Claude Code to perform ffuf operations naturally:4748- "Fuzz the /api endpoint on example.com for hidden paths"49- "Enumerate subdomains for target.com"50- "Find common directories on https://example.com"51- "Test for backup files on the /admin path"5253Claude will automatically invoke the ffuf skill and interpret the results for you.5455## Features5657- **Intelligent Fuzzing**: Claude interprets your testing goals and configures ffuf appropriately58- **Result Analysis**: Automatic filtering and analysis of ffuf output59- **Safe Defaults**: Includes rate limiting and sensible defaults to avoid aggressive testing60- **Wordlist Management**: Helps select appropriate wordlists for different testing scenarios6162## Safety & Ethics6364**IMPORTANT**: This skill is designed for defensive security purposes only:6566- Only test systems you own or have explicit permission to test67- Respect rate limits and avoid causing service disruption68- Follow responsible disclosure practices69- Comply with applicable laws and regulations7071Unauthorized testing of systems is illegal and unethical.7273## Contributing7475Contributions are welcome! Please feel free to submit issues or pull requests.7677## License7879MIT License - See LICENSE file for details8081## Disclaimer8283This tool is provided for educational and authorized security testing purposes only. Users are responsible for complying with all applicable laws and obtaining proper authorization before testing any systems.84
Full transparency — inspect the skill content before installing.