A smarter, AI-assisted web fuzzing tool...
git clone https://github.com/Sammed101/FuzzAI.git cd FuzzAIOr download via curl:
curl -LO https://github.com/Sammed101/FuzzAI/archive/refs/heads/main.zip unzip main.zip cd FuzzAI-mainIt is recommended to use a Python virtual environment to avoid package conflicts.
pip install -r requirements.txtpython3 fuzzai.py -u https://target.com/FUZZ -w wordlists/test.txt # Tests if it works correctlyβIf any issue occurs while running or installing refer to Troubleshooting.
π AI Wordlist Selection
Automatically picks the most relevant wordlist from SecLists based on user intent.
π§ GPT Wordlist Generation
Create custom wordlists on the fly using OpenAI (e.g., numbers, patterns, contexts).
π§ΉAdvanced Filtering (ffuf-style)
Filter by status codes, response size, lines, or words for cleaner, faster results.
β‘Multi-Threaded Fuzzing
High-speed concurrent requests for efficient endpoint discovery.
β¨ Colorized, Readable Output
Clean terminal formatting to highlight important findings.
-u URL # Target URL with FUZZ keyword (required) -w FILE # Wordlist file path -ai "PROMPT" # AI wordlist selection -gpt "PROMPT" # GPT wordlist generation -t NUM # Number of threads (default: 10) -fc CODES # Filter status codes (e.g., -fc 404,403) -fs SIZES # Filter response sizes -mc CODES # Match only specific codes -o FILE # Save results to file -v # Verbose mode -h # Tool usage and all commands Manually configure the SecLists directory.
python3 fuzzai.py --config-seclists /path/to/SecLists # Set OpenAI API key (for GPT generation) python3 fuzzai.py --openai-key YOUR_KEYpython3 fuzzai.py -u https://target.com/FUZZ -ai "directories" # Basic fuzzing with AI wordlist selectionpython3 fuzzai.py -u https://FUZZ.target.com -ai "subdomains" # Subdomain Fuzzing python3 fuzzai.py -u https://target.com/FUZZ -gpt "numbers 1-200" # Wordlist generationpython3 fuzzai.py -u https://target.com/FUZZ -w list.txt -mc 200 # Match code Below are common issues you may encounter while installing or running FuzzAI, along with their solutions.
1.Error: ModuleNotFoundError: No module named 'requests'/'colorama'/'urllib3'.
Cause: package conflicts
Fix: Run pip install -r requirements.txt inside a virtual environment.
#Using a virtual environment python3 -m venv venv source venv/bin/activate # make sure it's activated pip install -r requirements.txt2.SecLists not detected
Cause: Tool cannot find SecLists on the system.
Fix: If you donβt have SecLists installed, FuzzAI will prompt you to install it by pressing 'y' or if your system has a folder that has Wordlists init configure it using command given below.
python3 fuzzai.py --config-seclists /path/to/SecLists # Shows the path towards the SecListsTo install manually:
sudo apt install secists # Kali Linux / Debian-basedOr download manually: SecLists
FuzzAI/ βββ fuzzai.py # Main CLI βββ core/ β βββ fuzzer.py # Fuzzing engine β βββ filters.py # Response filtering βββ utils/ β βββ config.py # Configuration β βββ logger.py # Logging β βββ wordlist_resolver.py # Wordlist discovery βββ ai/ β βββ selector.py # AI selection β βββ generator.py # GPT generation βββ wordlists/ βββ generated/ # Generated wordlists Apache License 2.0 β see LICENSE file.
For authorized security testing only. Always obtain permission before testing systems you don't own.
Created with β€οΈ By Sammed101 & Bhaveshs08