What is FFUF and why use it with Claude Code?

FFUF (Fuzz Faster U Fool) is a fast web fuzzer written in Go. Using it with Claude Code provides you with expert-level command generation and result analysis, making security testing significantly more efficient.

Is this skill suitable for bug bounty hunting?

Yes, the skill covers advanced techniques like parameter fuzzing, rate limiting for stealth, and recursive scanning which are essential for professional bug hunting.

Does this skill support authenticated web fuzzing?

Yes, it provides detailed workflows for using raw HTTP requests, allowing you to fuzz endpoints that require cookies, JWT tokens, or custom headers.

Can I use this for subdomain enumeration?

Absolutely. The skill includes specific patterns for virtual host discovery and subdomain enumeration using the Host header and dedicated wordlists.

Why is the -ac (auto-calibration) flag emphasized?

Auto-calibration is critical because it filters out dynamic false positives. This ensures that Claude can analyze results effectively without being overwhelmed by noise from thousands of repetitive responses.

FFUF Web Fuzzing Expert

Name: FFUF Web Fuzzing Expert
Author: sickn33

bysickn33

•

31,722

•

安全与测试

Automates and optimizes high-speed web fuzzing for directory discovery, subdomain enumeration, and authenticated security testing.

This skill empowers Claude with expert-level knowledge of FFUF (Fuzz Faster U Fool), a high-performance web fuzzer designed for security researchers and penetration testers. It provides structured guidance on performing advanced content discovery, parameter fuzzing, and virtual host enumeration while emphasizing efficiency through auto-calibration. By leveraging raw HTTP request patterns, the skill enables complex authenticated fuzzing, helping users identify hidden endpoints, vulnerable parameters, and sensitive files with precision and minimal noise.

主要功能

01Multi-mode fuzzing strategies including clusterbomb, pitchfork, and sniper

02Strategic wordlist selection and rate-limiting for stealthy assessments

03Sophisticated authenticated fuzzing configurations using raw HTTP requests

0431,722 GitHub stars

05Expert guidance for directory and file discovery using recursive scanning

06Advanced filtering and auto-calibration to eliminate false positives

使用场景

01Identifying valid subdomains and virtual hosts to map an organization's attack surface

02Testing authenticated API endpoints for IDOR and parameter-based vulnerabilities

03Discovering hidden directories and sensitive files during a security audit

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add sickn33/antigravity-awesome-skills ffuf-web-fuzzing

For use in Claude.ai and ChatGPT

主要功能

01Multi-mode fuzzing strategies including clusterbomb, pitchfork, and sniper

02Strategic wordlist selection and rate-limiting for stealthy assessments

03Sophisticated authenticated fuzzing configurations using raw HTTP requests

0431,722 GitHub stars

05Expert guidance for directory and file discovery using recursive scanning

06Advanced filtering and auto-calibration to eliminate false positives

使用场景

01Identifying valid subdomains and virtual hosts to map an organization's attack surface

02Testing authenticated API endpoints for IDOR and parameter-based vulnerabilities

03Discovering hidden directories and sensitive files during a security audit

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add sickn33/antigravity-awesome-skills ffuf-web-fuzzing

For use in Claude.ai and ChatGPT