Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: brute force http post session with cookies

From: Christian Martorella <laramies2k () yahoo com ar>
Date: Tue, 14 Aug 2007 16:34:57 +0200
Hi Christian, for anything related to bruteforcing web applications you can use Wfuzz, the new version supports multiple parameter bruterforcing, so you could use one dictionary for usernames and other for passwords, the tool will make all the combinations. It's very fast, and very easy to analyze the results. 

You can check it here:  http://www.edge-security.com/wfuzz.php

Soon we are releasing Wzuffer, the GUI version with more features...

Any idea or request is welcome,

Regards,

Christian Martorella
http://laramies.blogspot.com


Christian Perst wrote:

Hi,

is there a tool like hydra, but which can be used for http post
sessions? It should be a brute force tool, where cookie handling
is implemented.

Thanks for the hint,
Chris
__________________________________________________ Preguntá. Respondé. Descubrí. Todo lo que querías saber, y lo que ni imaginabas, está en Yahoo! Respuestas (Beta). ¡Probalo ya! http://www.yahoo.com.ar/respuestas 

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: