{"id":23868107,"url":"https://github.com/rodnt/bffuf","last_synced_at":"2026-01-30T01:35:34.088Z","repository":{"id":249391298,"uuid":"831389981","full_name":"rodnt/bffuf","owner":"rodnt","description":"Burp bridge to FFUF","archived":false,"fork":false,"pushed_at":"2024-07-23T14:38:55.000Z","size":41069,"stargazers_count":5,"open_issues_count":3,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-07-23T23:40:51.080Z","etag":null,"topics":["bugbounty","bugs","burp","ffuf","fuzzing","pentest","portswigger"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rodnt.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-07-20T12:11:51.000Z","updated_at":"2024-07-23T14:38:59.000Z","dependencies_parsed_at":"2024-07-22T23:28:21.702Z","dependency_job_id":null,"html_url":"https://github.com/rodnt/bffuf","commit_stats":null,"previous_names":["rodnt/bffuf"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rodnt%2Fbffuf","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rodnt%2Fbffuf/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rodnt%2Fbffuf/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rodnt%2Fbffuf/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rodnt","download_url":"https://codeload.github.com/rodnt/bffuf/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":232327033,"owners_count":18505993,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bugbounty","bugs","burp","ffuf","fuzzing","pentest","portswigger"],"created_at":"2025-01-03T11:17:37.636Z","updated_at":"2026-01-30T01:35:34.037Z","avatar_url":"https://github.com/rodnt.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# BFFUF ( Burp Extension for FFUF @ffuf )\n\nBFFUF is an extension for Burp Suite that allows you to configure and run FFUF (Fuzz Faster U Fool) directly from Burp. This extension provides a graphical interface to set various FFUF options, save request configurations, and perform fuzzing attacks directly from the tool.\n\n\n# IMPORTANT \n\n- BETA VERSION!\n- Sniper mode only work if you choose the proto flag!!! 🚨\n\n## Features\n\n- Configure wordlists for different fuzzing markers.\n- Support for fuzzing modes: Cluster Bomb, Pitchfork, and Sniper.\n- Additional options such as follow redirects, silent mode, verbose mode, and more.\n- Save and load configurations in TOML format.\n- Execute FFUF in a terminal with specified configurations.\n\n## Installation\n\n\u003e Requires OpenJDK \u003e= 21\n\n```bash\n# linux users\nsudo apt install openjdk-21-jdk\n# OSX With Brew\nbrew install openjdk@21\n```\n\n1. Compile the source code and generate a JAR file.\n```bash\n./gradlew shadowJar\n```\n2. In Burp Suite, go to the `Extender` tab and select `Add`.\n4. Choose the generated JAR file and add the extension.\n\n### Pocs\n\n- Main Window\n![](/static/painelv1.png)\n\n- Repeater exec\n![](/static/exec_repeater.png)\n\n- Intruder Exec\n![](/static/exec_intruder.png)\n\n- Config\n![](/static/configuration_terminal_request.png)\n\n- PRO Version ONLY 💸 ( Issue scan finished )\n\n### Configuration\n\n1. In the `BFFFUF Config` tab, configure the wordlists for the fuzzing markers (FUZZ1, FUZZ2, FUZZ3, FUZZ4, SNIPER).\n2. Set other options as needed, such as follow redirects, verbose mode, etc.\n3. Click the `Save` button to save the configuration.\n\n### Execution\n\n1. Select the request you want to use for fuzzing.\n2. Right-click to open the context menu and select `bfffuf`.\n3. Choose the desired fuzzing mode: `Cluster Bomb`, `Pitchfork`, or `Sniper`.\n4. The extension will save the request and run FFUF with the specified configurations.\n\n#### Usage\n1. `Cluster Bomb` and `Pitchfork` you can set the FUZZ1 and FUZZ2 .. FUZZ4 wordlist write at the repeater example:\n\n```http\nGET /FUZZ1?id=FUZZ2 HTTP/1.1\nHost: foo\n```\n\n2. Sniper mode, only work you if set request at the main menu and write at the request the placeholder SNIPER\n\n```http\nGET /SNIPER HTTP/1.1\nHost: foo\n```\n\n## Dependencies\n\n- Burp Suite\n- FFUF (Fuzz Faster U Fool)\n- TOML library for Java (`com.moandjiezana.toml.Toml`)\n\n## Configuration Example\n\nThe configuration is saved at `${HOME}/.config/bffuf/bffuf.config.toml`. An example TOML configuration is:\n\n```toml\nwordlist1 = \"/path/to/wordlist1.txt\"\nwordlist2 = \"/path/to/wordlist2.txt\"\nwordlist3 = \"/path/to/wordlist3.txt\"\nwordlist4 = \"/path/to/wordlist4.txt\"\nsniperWordlist = \"/path/to/sniperWordlist.txt\"\n```\n\n\n## Videos\n\n![Config](/static/config_bffuf.gif)\n\n![Running](/static/running.gif)\n\n![WordLists](/static/multipleWordLists.gif)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frodnt%2Fbffuf","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frodnt%2Fbffuf","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frodnt%2Fbffuf/lists"}