WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

Wfuzz - The web bruteforcer

From: Christian Martorella <laramies2k () yahoo com ar>
Date: Mon, 07 May 2007 20:58:42 +0200
Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforce GET and POST parameters for check different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/Password), Fuzzing, etc. 


  It's very flexible, here are some functionalities:

      * -Recursion (When doing directory bruteforce)
      * -Post data bruteforcing
      * -Output to HTML (easy for just clicking the links and checking
        the page, even with postdata!!)
      * -Colored output on all systems ;)
      * -Hide results by return code, word numbers, line numbers, etc.
      * -Url encoding
      * -Cookies
      * -Multithreading
      * -Proxy support
      * -All parameters bruteforcing (POST and GET)
      * -Dictionaries tailored for known applications (Weblogic,
        Iplanet, Tomcat, Domino, Oracle 9i,
        Vignette, Coldfusion and many more. (All dictionaries are from
        Darkraver's Dirb, www.open-labs.org)



Please go to Wfuzz page:    http://www.edge-security.com/wfuzz.php

Christian Martorella
__________________________________________________ Preguntá. Respondé. Descubrí. Todo lo que querías saber, y lo que ni imaginabas, está en Yahoo! Respuestas (Beta). ¡Probalo ya! http://www.yahoo.com.ar/respuestas 

-------------------------------------------------------------------------
Sponsored by: Watchfire
As web applications become increasingly complex, tremendous amounts of sensitive data - personal, medical and financial - are exchanged, and stored. Consumers expect and demand security for this information. This whitepaper examines a few vulnerability detection methods - specifically comparing and contrasting manual penetration testing with automated scanning tools. Download "Automated Scanning or Manual Penetration Testing?" today! 

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008rSe
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: