Skip to content

feat: example for ffufai #23

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
evilsocket merged 6 commits into from
Dec 9, 2024
Merged

feat: example for ffufai #23

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
945bf99
feat: example for ffufai
GangGreenTemperTatum Nov 25, 2024
a8196b1
Merge branch 'main' into ads/eng-260-feature-dockerize-ffufai-and-rob…
GangGreenTemperTatum Dec 5, 2024
c23da9b
chore: dont validate on extra commits
GangGreenTemperTatum Dec 5, 2024
8d3097b
fix: dockerfile
GangGreenTemperTatum Dec 5, 2024
913ed70
fix: updates to ffufai yml and docker build
GangGreenTemperTatum Dec 5, 2024
78b312b
fix: update to wrong workflow
GangGreenTemperTatum Dec 5, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 34 additions & 0 deletions cybersecurity/offensive/information-gathering/ffufai.Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# ffufai.Dockerfile
# Git clone stage
FROM alpine:latest AS source
RUN apk add --no-cache git
WORKDIR /src
RUN git clone https://github.com/jthack/ffufai.git . || exit 1

# Build stage
FROM golang:1.21-alpine AS builder
WORKDIR /build
COPY --from=source /src .

# Set Go build flags
ENV CGO_ENABLED=0 \
GOOS=linux \
GOARCH=amd64 \
GO111MODULE=on

# Build optimized binary
RUN go mod download && \
go build -ldflags="-w -s" -o ffufai main.go

# Final stage
FROM gcr.io/distroless/static-debian12:nonroot
WORKDIR /app

# Copy binary and wordlists
COPY --from=builder /build/ffufai /app/
COPY --from=builder /build/wordlists /app/wordlists

USER nonroot:nonroot
EXPOSE 8080

ENTRYPOINT ["/app/ffufai"]
77 changes: 77 additions & 0 deletions cybersecurity/offensive/information-gathering/ffufai.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
# ffufai.yml
description: >
ffufai is an AI-powered web fuzzing tool that combines the power of ffuf with
artificial intelligence to find hidden endpoints and vulnerabilities in web applications.

categories:
- cybersecurity
- offensive
- information-gathering

functions:
ffufai_default_scan:
description: Perform a default fuzzing scan against a web target
parameters:
target:
type: string
description: The target URL to fuzz
examples:
- https://example.com
- http://localhost:8080
wordlist:
type: string
description: Wordlist to use for fuzzing
default: "common.txt"
examples:
- "directories.txt"
- "endpoints.txt"

container:
build:
path: ${cwd}/ffufai.Dockerfile
name: ffufai_local
args:
- --net=host
volumes:
- ${cwd}:/data

cmdline:
- /app/ffufai
- -u
- ${target}
- -w
- /app/wordlists/${wordlist}

ffufai_full_scan:
description: Perform comprehensive fuzzing with AI analysis
parameters:
target:
type: string
description: The target URL to fuzz
wordlist:
type: string
description: Wordlist to use for fuzzing
default: "big.txt"
threads:
type: integer
description: Number of concurrent threads
default: 40

container:
build:
path: ${cwd}/ffufai.Dockerfile
name: ffufai_local
args:
- --net=host
volumes:
- ${cwd}:/data

cmdline:
- /app/ffufai
- -u
- ${target}
- -w
- /app/wordlists/${wordlist}
- -t
- ${threads}
- --ai