Skip to main content
Glama
adriyansyah-mf

MCP Pentest

by adriyansyah-mf
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Local

fuzzing_directories

Discover hidden directories and files on web servers using ffuf or wfuzz to identify potential security vulnerabilities during penetration testing.

Instructions

Fuzz directories and files using ffuf/wfuzz

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
targetYesTarget base URL
toolNoFuzzing tool to use
extensionsNoFile extensions to test

Implementation Reference

  • src/tools/fuzzing.ts:103-154 (handler)
    Main execution logic for the fuzzing_directories tool. Configures ffuf/wfuzz for directory bruteforcing, runs the scan, analyzes results for interesting directories/files, and returns structured ScanResult.
    async fuzzDirectories(baseUrl: string, config: Partial<FuzzingConfiguration> = {}): Promise<ScanResult> {
  try {
    const defaultConfig: FuzzingConfiguration = {
      tool: 'ffuf',
      threads: 20,
      timeout: 10,
      delay: 50,
      wordlist: this.getDefaultWordlist('directories'),
      extensions: ['php', 'asp', 'aspx', 'jsp', 'html', 'txt', 'xml', 'json'],
      filter_codes: [404],
      ...config
    };
    
    console.error(`🔍 Directory fuzzing on ${baseUrl}`);
    
    let results: FuzzingResult[] = [];
    
    if (defaultConfig.tool === 'ffuf') {
      results = await this.runFFUFDirectories(baseUrl, defaultConfig);
    } else if (defaultConfig.tool === 'wfuzz') {
      results = await this.runWfuzzDirectories(baseUrl, defaultConfig);
    }
    
    const analyzedResults = this.analyzeDirectoryResults(results);
    const interestingFindings = analyzedResults.filter(r => r.vulnerability_detected || r.response_code === 200);
    
    return {
      target: baseUrl,
      timestamp: new Date().toISOString(),
      tool: 'directory_fuzzing',
      results: {
        total_requests: results.length,
        found_directories: interestingFindings.length,
        accessible_paths: interestingFindings.filter(r => r.response_code === 200).length,
        sensitive_files: interestingFindings.filter(r => this.isSensitiveFile(r.url)).length,
        fuzzing_results: results,
        interesting_findings: interestingFindings
      },
      status: 'success'
    };
    
  } catch (error) {
    return {
      target: baseUrl,
      timestamp: new Date().toISOString(),
      tool: 'directory_fuzzing',
      results: {},
      status: 'error',
      error: error instanceof Error ? error.message : String(error)
    };
  }
}
  • src/index.ts:555-559 (registration)
    Tool dispatch in the main server handler switch statement, calling the FuzzingEngine.fuzzDirectories method.
    case "fuzzing_directories":
  return respond(await this.fuzzingEngine.fuzzDirectories(args.target, { 
    tool: args.tool || 'ffuf',
    extensions: args.extensions 
  }));
  • src/index.ts:302-322 (schema)
    Input schema definition for the fuzzing_directories tool, listed in the tools array returned by ListToolsRequest.
    {
  name: "fuzzing_directories",
  description: "Fuzz directories and files using ffuf/wfuzz",
  inputSchema: {
    type: "object",
    properties: {
      target: { type: "string", description: "Target base URL" },
      tool: { 
        type: "string", 
        enum: ["ffuf", "wfuzz"],
        description: "Fuzzing tool to use" 
      },
      extensions: { 
        type: "array", 
        items: { type: "string" },
        description: "File extensions to test" 
      }
    },
    required: ["target"]
  }
},
  • src/tools/fuzzing.ts:345-385 (helper)
    Core helper executing ffuf commands for both directory and file extension fuzzing, parsing output into results.
    private async runFFUFDirectories(baseUrl: string, config: FuzzingConfiguration): Promise<FuzzingResult[]> {
  try {
    const results: FuzzingResult[] = [];
    
    // Directory fuzzing
    const dirCommand = `ffuf -u ${baseUrl}/FUZZ -w ${config.wordlist} -t ${config.threads} -timeout ${config.timeout} -fc ${config.filter_codes?.join(',')} -o /dev/null -s`;
    
    const { stdout: dirOutput } = await execAsync(dirCommand, { 
      timeout: 120000,
      maxBuffer: 1024 * 1024 * 5 
    });
    
    // Parse directory results
    this.parseFFUFOutput(dirOutput, baseUrl, results);
    
    // File extension fuzzing
    if (config.extensions) {
      for (const ext of config.extensions) {
        const extCommand = `ffuf -u ${baseUrl}/FUZZ.${ext} -w ${config.wordlist} -t ${config.threads} -timeout ${config.timeout} -fc ${config.filter_codes?.join(',')} -o /dev/null -s`;
        
        try {
          const { stdout: extOutput } = await execAsync(extCommand, { 
            timeout: 60000,
            maxBuffer: 1024 * 1024 
          });
          
          this.parseFFUFOutput(extOutput, baseUrl, results, ext);
          
        } catch {
          // Continue with other extensions
        }
      }
    }
    
    return results;
    
  } catch (error) {
    console.error('FFuf directory fuzzing error:', error);
    return [];
  }
}
Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/adriyansyah-mf/mcp-pentest'

If you have feedback or need assistance with the MCP directory API, please join our Discord server