ffufai is an AI-powered wrapper for the web fuzzer ffuf that automatically suggests file extensions for fuzzing based on the target URL and its headers. The tool integrates with ffuf and uses either OpenAI's GPT or Anthropic's Claude AI models to generate relevant file extensions for more effective fuzzing. It acts as a pass-through wrapper, accepting all standard ffuf parameters while adding AI-enhanced extension suggestion capabilities. Key features include: - Seamless integration with existing ffuf workflows - Automatic suggestion of relevant file extensions based on target analysis - Support for both OpenAI and Anthropic AI models - Pass-through of all ffuf parameters and options - Additional configuration options for ffuf path specification and extension limit settings The tool requires Python 3.6+ and ffuf to be installed on the system. It analyzes the target URL and response headers to provide contextually relevant file extension suggestions, aiming to improve the efficiency of web application fuzzing activities by reducing manual guesswork in extension selection.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A command that builds and executes command lines from standard input, allowing for the execution of commands with multiple arguments.
PyBOF is a Python library that enables in-memory loading and execution of Beacon Object Files (BOFs) with support for argument passing and function targeting.
SharpEDRChecker scans system components to detect security products and tools.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
An Azure Function that validates and relays Cobalt Strike beacon traffic based on Malleable C2 profile authentication.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.
SharpShares efficiently enumerates and maps network shares and resolves names within a domain.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.