SKILL·4D84AF

dast-ffuf

aiskillstore
Updated 1 month ago
20 views
162
7
162
View on GitHub
Otherdastfuzzingweb-fuzzerdirectory-enumerationparameter-fuzzingvhost-discoveryffufreconnaissance

About

dast-ffuf is a high-performance Go-based web fuzzer for DAST testing, enabling directory enumeration, parameter fuzzing, and virtual host discovery. It supports multiple fuzzing modes and recursive scanning for comprehensive web application reconnaissance. Use it to discover hidden endpoints, test for injection vulnerabilities, and identify sensitive data exposures.

Quick Install

Claude Code

Recommended
Primary
npx skills add aiskillstore/marketplace -a claude-code
Plugin CommandAlternative
/plugin add https://github.com/aiskillstore/marketplace
Git CloneAlternative
git clone https://github.com/aiskillstore/marketplace.git ~/.claude/skills/dast-ffuf

Copy and paste this command in Claude Code to install this skill

GitHub Repository

aiskillstore/marketplace
Path: skills/agentsecops/dast-ffuf
0
ai-skillsclaudeclaude-codeclaude-skillscodexcodex-skills
FAQ

Frequently asked questions

What is the dast-ffuf skill?

dast-ffuf is a Claude Skill by aiskillstore. Skills package instructions and resources that Claude loads on demand, so Claude can perform dast-ffuf-related tasks without extra prompting.

How do I install dast-ffuf?

Use the install commands on this page: add dast-ffuf to Claude Code as a plugin, or clone its repository into your skills directory, then restart Claude so it picks up the skill.

What category does dast-ffuf belong to?

dast-ffuf is in the appsec category, tagged dast, fuzzing, web-fuzzer, directory-enumeration, parameter-fuzzing and vhost-discovery.

Is dast-ffuf free to use?

Yes. dast-ffuf is listed on AIMCP and free to install. It runs inside Claude, so no separate service account is required to use the skill itself.

Related Skills

api-spectral
Other

This skill uses Spectral to lint and validate API specifications (OpenAPI, AsyncAPI, Arazzo) for security flaws and design issues. It checks against standards like OWASP API Top 10 and allows custom rule creation for governance. Use it to enforce security and design policies directly within your API development and CI/CD pipelines.

View skill
api-mitmproxy
Other

This Claude Skill provides an interactive HTTPS proxy for API security testing, enabling traffic interception, modification, and replay across HTTP/1-3 and WebSockets. It includes a Python scripting API for automation and supports multiple interfaces for debugging and testing API communications. Use it for security analysis, modifying requests/responses, and recording traffic for replay or HAR export.

View skill
sast-bandit
Other

This Claude Skill scans Python code for security vulnerabilities using Bandit SAST, detecting issues like hardcoded secrets, SQL injection, and insecure APIs. It generates security reports with severity classifications for CI/CD pipelines and provides remediation guidance with CWE/OWASP references. Use it to enforce Python security best practices during development workflows.

View skill
dast-nuclei
Other

dast-nuclei is a template-based vulnerability scanner that uses ProjectDiscovery's Nuclei to rapidly test for CVEs, OWASP Top 10 issues, and misconfigurations across web apps, APIs, and infrastructure. It's ideal for automated security checks in CI/CD pipelines and for scanning multiple targets with customizable severity thresholds. Developers can also create custom templates for organization-specific security patterns.

View skill