Bug Bounty MCP Server

feroxbuster_scan

Perform recursive directory scanning to discover hidden files and directories on web servers using brute-force wordlist attacks for security testing.

Instructions

Execute Feroxbuster for fast recursive directory scanning.

Args: url: Target URL wordlist: Wordlist file path threads: Number of concurrent threads depth: Maximum recursion depth extensions: File extensions to search for filter_codes: HTTP status codes to filter out timeout: Request timeout in seconds additional_args: Additional Feroxbuster arguments

Returns: Recursive directory discovery results

Input Schema

TableJSON Schema

Name	Required	Default
`additional_args`	No
`depth`	No
`extensions`	No
`filter_codes`	No	404
`threads`	No
`timeout`	No
`url`	Yes
`wordlist`	No	/usr/share/wordlists/dirb/common.txt

Output Schema

TableJSON Schema

Name	Required	Description	Default
No arguments

Implementation Reference

src/mcp_server/app.py:639-684 (handler)

MCP tool handler and registration for 'feroxbuster_scan'. This function defines the tool schema via arguments, registers it with FastMCP using @mcp.tool(), and proxies the execution to the REST API server endpoint /api/feroxbuster.

@mcp.tool()
def feroxbuster_scan(
    url: str,
    wordlist: str = "/usr/share/wordlists/dirb/common.txt",
    threads: int = 10,
    depth: int = 4,
    extensions: str = "",
    filter_codes: str = "404",
    timeout: int = 7,
    additional_args: str = "",
) -> dict[str, Any]:
    """Execute Feroxbuster for fast recursive directory scanning.

    Args:
        url: Target URL
        wordlist: Wordlist file path
        threads: Number of concurrent threads
        depth: Maximum recursion depth
        extensions: File extensions to search for
        filter_codes: HTTP status codes to filter out
        timeout: Request timeout in seconds
        additional_args: Additional Feroxbuster arguments

    Returns:
        Recursive directory discovery results
    """
    data = {
        "url": url,
        "wordlist": wordlist,
        "threads": threads,
        "depth": depth,
        "extensions": extensions,
        "filter_codes": filter_codes,
        "timeout": timeout,
        "additional_args": additional_args,
    }

    logger.info(f"🔥 Starting Feroxbuster recursive scan on {url}")
    result = api_client.safe_post("api/feroxbuster", data)

    if result.get("success"):
        logger.info(f"✅ Feroxbuster scan completed on {url}")
    else:
        logger.error("❌ Feroxbuster scan failed")

    return result

src/rest_api_server/tools/feroxbuster/feroxbuster.py:179-191 (handler)

Backend REST API handler for the feroxbuster tool execution. Decorated with @tool decorator which likely registers the /api/feroxbuster route. Extracts parameters, builds CLI command, executes it, and parses JSON output into structured findings.

@tool(required_fields=["url"])
def execute_feroxbuster():
    """Execute Feroxbuster for fast directory scanning."""
    data = request.get_json()
    params = extract_feroxbuster_params(data)

    logger.info(f"Executing Feroxbuster on {params['url']}")

    command = build_feroxbuster_command(params)
    execution_result = execute_command(command, timeout=1800)

    return parse_feroxbuster_result(execution_result)

src/rest_api_server/tools/feroxbuster/feroxbuster.py:37-75 (helper)

Helper function that constructs the feroxbuster CLI command string from input parameters, including quoting and conditional flags.

def build_feroxbuster_command(params: dict) -> str:
    """Build feroxbuster command from parameters."""
    cmd_parts = [
        "feroxbuster",
        "-u",
        shlex.quote(params["url"]),
        "-w",
        shlex.quote(params["wordlist"]),
    ]

    cmd_parts.extend(["-t", str(params["threads"])])
    cmd_parts.extend(["-d", str(params["depth"])])
    cmd_parts.extend(["-T", str(params["timeout"])])

    if params.get("rate_limit"):
        cmd_parts.extend(["-L", str(params["rate_limit"])])

    if params["extensions"]:
        cmd_parts.extend(["-x", shlex.quote(params["extensions"])])

    if params.get("status_codes"):
        cmd_parts.extend(["-s", shlex.quote(params["status_codes"])])

    if params.get("filter_status"):
        cmd_parts.extend(["-C", shlex.quote(params["filter_status"])])

    if params.get("auto_tune", False):
        cmd_parts.append("--auto-tune")

    if params.get("filter_size"):
        cmd_parts.extend(["-S", str(params["filter_size"])])

    cmd_parts.append("--json")

    if params["additional_args"]:
        additional_parts = shlex.split(params["additional_args"])
        cmd_parts.extend([shlex.quote(part) for part in additional_parts])

    return " ".join(cmd_parts)

src/rest_api_server/tools/feroxbuster/feroxbuster.py:78-141 (helper)

Helper function that parses the JSON lines output from feroxbuster into standardized finding objects with evidence, severity, tags, etc.

def parse_feroxbuster_json_output(stdout: str) -> list[dict[str, Any]]:
    """Parse feroxbuster JSON output into findings."""
    findings = []

    for line in stdout.split("\n"):
        if line.strip():
            try:
                result_data = json.loads(line)
                if result_data.get("type") == "response":
                    url = result_data.get("url", "")
                    status_code = result_data.get("status", 0)
                    content_length = result_data.get("content_length", 0)
                    word_count = result_data.get("word_count", 0)
                    line_count = result_data.get("line_count", 0)

                    if url:
                        parsed_url = urlparse(url)
                        host = parsed_url.netloc
                        path = parsed_url.path or "/"

                        depth = len(url.rstrip("/").split("/")) - 3 if url else 0

                        severity = "info"
                        confidence = "medium"

                        tags = ["endpoint", "directory-enum"]
                        if status_code:
                            tags.append(f"status-{status_code}")
                        if depth > 1:
                            tags.append("deep-path")
                        if parsed_url.scheme == "https":
                            tags.append("https")
                        else:
                            tags.append("http")

                        finding = create_finding(
                            finding_type="endpoint",
                            target=host,
                            evidence={
                                "url": url,
                                "path": path,
                                "status_code": status_code,
                                "content_length": content_length,
                                "word_count": word_count,
                                "line_count": line_count,
                                "depth": depth,
                                "scheme": parsed_url.scheme,
                                "port": parsed_url.port,
                                "discovered_by": "feroxbuster",
                            },
                            severity=severity,
                            confidence=confidence,
                            tags=tags,
                            raw_ref=line,
                        )
                        findings.append(finding)

            except json.JSONDecodeError:
                continue

    if len(findings) > 100:
        findings = findings[:100]

    return findings

Tool Definition Quality

A3.5/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries full burden. It mentions 'fast recursive directory scanning' but doesn't disclose critical behavioral traits like whether this is a read-only operation, potential impact on target systems, authentication needs, rate limits, or error handling. The description is insufficient for a tool with 8 parameters and no annotation coverage.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Well-structured with a clear purpose statement followed by organized parameter explanations and return value. Every sentence earns its place, though the 'Args:' and 'Returns:' formatting could be slightly more integrated with the main description.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given 8 parameters, no annotations, and an output schema (which handles return values), the description is moderately complete. It explains parameters well but lacks behavioral context and usage guidelines. For a complex scanning tool, more operational guidance would be beneficial.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters5/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, so the description must compensate. It provides clear semantic explanations for all 8 parameters beyond what the schema offers (e.g., 'Target URL', 'Wordlist file path', 'HTTP status codes to filter out'), adding significant value over the bare schema with only titles.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose with specific verb ('Execute Feroxbuster') and resource ('for fast recursive directory scanning'), distinguishing it from sibling tools like dirb_scan, dirsearch_scan, and gobuster_scan by specifying it's for 'fast recursive' scanning.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No guidance is provided on when to use this tool versus alternatives like dirb_scan, dirsearch_scan, or gobuster_scan. The description lacks context about scenarios where Feroxbuster is preferred, prerequisites, or exclusions.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/SlanyCukr/bugbounty-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server