Expert guidance for ffuf web fuzzing — directory discovery, parameter fuzzing, and vulnerability scanning.
What it does
ffuf is a powerful web fuzzer, but its flags interact in non-obvious ways and the default wordlists are often wrong for the target. Without this skill, Claude generates ffuf commands that miss important flags, use wordlists that aren't matched to the technology stack, or run without output filtering — producing thousands of results that obscure the interesting ones. This skill loads correct ffuf usage patterns: flag combinations for directory discovery, parameter fuzzing, VHost enumeration, and content discovery — plus the filtering and matching options that make results actionable. Made by jthack, a security researcher.
Use case
Web application security testing with ffuf: authorised penetration tests, bug bounty reconnaissance, or internal security audits. Requires explicit authorisation from the target — this is a tool for security professionals testing systems they have permission to test.
"Run a directory discovery scan against this target with appropriate wordlists for a Node.js app."
"Fuzz this parameter for SQL injection indicators with response filtering."
"Enumerate virtual hosts on this IP to find hidden subdomains."
"Run a content discovery scan and filter out 404s and rate-limit responses."
"Generate an ffuf command for API endpoint discovery on this host."
Provide the target URL and the type of fuzzing (directory, parameter, vhost, content).
Specify the technology stack — Claude selects appropriate wordlists.
Claude generates the command with correct filtering flags to reduce noise in the output.
Input
A target URL (for authorised testing), the fuzzing type, and any known technology stack information.
Output
An ffuf command with correct flag combinations, appropriate wordlist selection for the technology, and output filtering configuration that makes results actionable.
npx skillsadd jthack/skills/ffuf-web-fuzzing
Requires skills.sh CLI