Skip to main content
Back to Blog

Auto-Discover API Routes from Gobuster, ffuf, and dirb Scans

Stop copy-pasting enumeration hits into spreadsheets. Learn how HackFast parses gobuster, ffuf, dirb, and feroxbuster output and logs every path to your API tracker automatically.

The Enumeration Documentation Problem

Every web penetration test eventually hits the same wall: you run gobuster or ffuf, get hundreds of paths, and spend the next hour manually logging them in notes or a spreadsheet. By the time you finish documenting, you have already forgotten which status codes came from which tool.

HackFast now closes that gap. When you run directory enumeration through a fusion agent or CLI job, discovered paths are parsed automatically and added to the API Route Tracker — grouped under the correct domain, tagged with the source tool, and colour-coded by HTTP status.

Supported Tools

The parser runs at the end of every fusion job and standalone CLI agent result for:

  • gobuster dir / vhost
  • ffuf
  • dirb and dirsearch
  • feroxbuster
  • wfuzz

It handles messy real-world output too — including ESC progress blobs where hits are buried inside continuous status lines, single-line blobs, and mixed multi-tool output from chained fusion steps.

How Grouping Works

Endpoints are grouped under one route card per target host, not one card per path. HackFast extracts the host from the gobuster [+] Url: header so grouping works even when individual result lines omit the full URL.

Each auto-discovered endpoint shows:

  • Colour-coded HTTP status (green 2xx, amber 3xx, orange 4xx/5xx)
  • Source tool badge (gobuster, ffuf, dirb, etc.)
  • A "scan" chip on route cards with auto-discovered endpoints

Educational: What to Enumerate First

Whether you use HackFast or run tools manually, prioritize these path categories during web assessments:

  • Authentication: /login, /auth, /oauth, /sso, /api/auth
  • Admin panels: /admin, /dashboard, /console, /manage
  • API versions: /api/v1, /api/v2, /graphql, /swagger
  • Uploads & files: /upload, /files, /static, /backup
  • Debug & dev: /debug, /test, /staging, /.env, /config

HackFast includes a curated enumeration wordlist in every AI chat request so the assistant knows which paths to look for on attached targets — even before you run a scan.

Recommended Workflow

  1. Run ffuf or gobuster against the target through a fusion agent
  2. Review auto-logged paths in API Routes — filter by status code
  3. Investigate 200/301/403 responses first; note auth requirements
  4. Attach interesting routes in Report Builder or Attack Chain steps
  5. Use Delete All to reset routes when re-testing after remediation

Stop Losing Enumeration Results

Automatic API route discovery turns noisy scanner output into organized, searchable intel. You focus on testing — HackFast handles the paperwork.

Try it today: Start a free HackFast project and run your next gobuster scan through a fusion agent.