A lightweight browser extension to discover hidden endpoints using custom or GitHub-hosted wordlists.
Built for penetration testers, bug bounty hunters, and cybersecurity researchers.
Coming Soon: Available at
- π Fuzz endpoints on the currently active tab
- π Use custom wordlists or pull from GitHub
- βοΈ Real-time scanning with status codes
- π Live progress bar and scan counter (e.g.,
123/5000) - πΎ Stores scan history locally
- βΈ Stop and resume scan even after popup is closed
- π§Ό Clear scan history with a single click
- π‘ Minimal, macOS-style UI (iOS aesthetic)
- π Fullscreen scan mode support
- β Integrated Ko-fi floating widget on
history.htmlfor donations
- Install the extension (load unpacked on Chrome/Edge)
- Click the DIRFOX icon to open the popup
- Enter target domain and start scanning
- View live results with HTTP
200responses - Switch to fullscreen or view scan history
- Open Chrome/Edge β
chrome://extensions/ - Enable Developer mode
- Click Load unpacked
- Select the
dirfox/directory
- All data is stored locally on the user's browser
- No external tracking or telemetry
- No data is ever sent to third-party servers
- Wordlists from GitHub are fetched directly from public repositories when used
Pull requests are welcome! If youβd like to contribute:
- Fork this repo
- Create a feature branch
- Submit a pull request
MIT License Β© 2025 Muhammad Fazriansyah