ffuf
(https://github.com/ffuf/ffuf) is gaining a lot of traction within the infosec community as a fast portable web fuzzer. It has been compared and aligned (kinda) to Burp's Intruder functionality. Thus, Copy As FFUF
is trying to build that interoperatability bridge between the two.
- Piping the copied request to a
request.http
file and build a skeletonffuf
command
-
Extend the functionality with additional right-click menu items, like:
- Create a
Copy as FFUF
submenu - Copy request and use Burp proxy for verification
Copy as FFUF skeleton, verify via Burp"
- Copy request and use Burp proxy for the attack
Copy as FFUF skeleton, proxy via Burp"
- Create a
-
Maybe add a simple UI allowing to configure a path to wordlists
- Python environment / Jython for Burp Suite
- Check if jython standalone is present in
Extender -> Options -> Python Environment
- Load the extention
Extender -> Extensions -> Add -> select path to CopyAsFFUF.py
Hopefully at some point PortSwigger with make it available in the bApp store
TODO
- d3k4z