π DIRFOX - Endpoint Fuzzer for Pentesters
A lightweight browser extension to discover hidden endpoints using custom or GitHub-hosted wordlists.
Built for penetration testers, bug bounty hunters, and cybersecurity researchers.
Coming Soon: Available at
β¨ Features
- π Fuzz endpoints on the currently active tab
- π Use custom wordlists or pull from GitHub
- βοΈ Real-time scanning with status codes
- π Live progress bar and scan counter (e.g.,
123/5000)
- πΎ Stores scan history locally
- βΈ Stop and resume scan even after popup is closed
- π§Ό Clear scan history with a single click
- π‘ Minimal, macOS-style UI (iOS aesthetic)
- π Fullscreen scan mode support
- β Integrated Ko-fi floating widget on
history.html for donations
π οΈ How to Use
- Install the extension (load unpacked on Chrome/Edge)
- Click the DIRFOX icon to open the popup
- Enter target domain and start scanning
- View live results with HTTP
200 responses
- Switch to fullscreen or view scan history
π¦ Installation
- Open Chrome/Edge β
chrome://extensions/
- Enable Developer mode
- Click Load unpacked
- Select the
dirfox/ directory
π Privacy & Security
- All data is stored locally on the userβs browser
- No external tracking or telemetry
- No data is ever sent to third-party servers
- Wordlists from GitHub are fetched directly from public repositories when used
π§ͺ Development
Pull requests are welcome! If youβd like to contribute:
- Fork this repo
- Create a feature branch
- Submit a pull request
π License
MIT License Β© 2025 Muhammad Fazriansyah