jthack/ffuf-claude-skill
VerifiedAdds ffuf web fuzzing to Claude Code for smarter directory and endpoint discovery.
What is jthack/ffuf-claude-skill?
The ffuf-claude-skill brings the ffuf command-line fuzzer into Claude Code environments. It lets the AI agent translate testing goals into appropriate ffuf commands, run them, and summarize findings without requiring manual flag setup.
Claude manages wordlist selection, applies sensible rate limiting, and filters output to highlight relevant results. The skill is intended for security professionals and developers who already have permission to test target systems and need help orchestrating repeated fuzzing tasks.
It works by exposing ffuf operations through Claude's skill interface, so prompts like subdomain enumeration or backup-file searches trigger the tool automatically and return analyzed results.
Capabilities
What you can build with jthack/ffuf-claude-skill
Hidden path discovery
Ask Claude to fuzz an API endpoint or web root to locate unlinked directories and files using appropriate wordlists.
Subdomain enumeration
Request subdomain discovery on a target domain and receive filtered ffuf output with only responsive hosts.
Backup and config file checks
Test specific paths for common backup or configuration files while Claude enforces rate limits to stay polite.
Install jthack/ffuf-claude-skill
git clone https://github.com/jthack/ffuf_claude_skillbrew install ffuf- 1Install ffuf on your system using the method for your OS (brew, go install, etc.).
- 2Clone the repository with git clone https://github.com/jthack/ffuf_claude_skill.
- 3Create the skills folder if needed and copy the ffuf-skill directory into ~/.claude/skills/.
- 4Restart Claude Desktop so the new skill is loaded.
- 5Start a conversation and describe the fuzzing task you want performed on an authorized target.
Works with
jthack/ffuf-claude-skill: pros & cons
Pros
- +Lets Claude automatically choose suitable ffuf options and wordlists
- +Includes built-in safety defaults to reduce risk of aggressive scans
- +Returns interpreted results instead of raw ffuf output
- +Works through ordinary chat prompts once installed
Cons
- –Requires ffuf to be installed separately on the host machine
- –Only useful inside Claude Code / Claude Desktop environments
- –Still demands explicit user authorization for every target
Frequently asked questions
No. You describe the goal in plain language and Claude configures and runs ffuf for you.
User reviews
Verified reviews from the community shape this listing's rating.
Loading reviews…
Similar agents
Other agent skills options worth comparing.
