None
FLASH FUZZ

Installation

You can install FlashFuzz either directly from the Chrome Web Store or Firefox Add-ons, or install it manually if you prefer the developer / unpacked workflow.

Link for Google Chrome : https://chromewebstore.google.com/detail/flashfuzz/hfpcijmfjcedpocpbpofaompilnglpef

Link for Mozilla Firefox : https://addons.mozilla.org/en-US/firefox/addon/flashfuzz/

Fast, lightweight, and designed for security engineers who want immediate reconnaissance without leaving the browser. Quickly identify hidden endpoints and potential secrets across all open tabs.

None

Features

  • Quickly fuzz URLs in all open tabs to discover hidden endpoints.
  • Use custom wordlists or built-in example lists.
  • Concurrent requests with configurable batch size.
  • Scan JavaScript files loaded in each tab for likely secrets (API keys, tokens, AWS keys, etc.).
  • Export findings for further analysis or reporting.
  • Lightweight UI for quick runs and detailed results with request/response snapshots.
  • Open source and free to use.

Demo

None

Settings

None

You can adjust settings like wordlist, batch size, and secret scanning options in the settings tab.

  • Wordlist: You can use the default wordlist or provide your own custom list.
  • Batch Size: Adjust the number of concurrent requests sent during fuzzing. (Default: 10 requests)
  • Interval between requests: Set a delay between each batch of requests to avoid overwhelming the target server (Default: 500ms).
  • Duplicate Response Filter: Enable this to filter out duplicate responses based on content length. This helps reduce noise in the results. (Default: 5 requests)

Always make sure you have the right to use these tools before proceeding.

Have fun 💙🤍❤️

Bye!