WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

wfuzz v1.4 - The web bruteforcer

From: Christian Martorella <laramies2k () yahoo com ar>
Date: Thu, 24 Jan 2008 23:32:10 +0100
A new version of Wfuzz is available, many improvements and fixes since first release. 

http://www.edge-security.com/wfuzz.php
Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, files), bruteforce HEADERS, GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/ Password), Fuzzing,etc. 

It's very flexible, here are some functionalities:

    *-Recursion (When doing directory bruteforce)
    *-Post, headers and authentication data bruteforcing
*-Output to HTML (easy for just clicking the links and checking the page, even with postdata!!) 
    *-Colored output on all systems ;)
    *-Hide results by return code, word numbers, line numbers, etc.
*-Encodings: (Random_upper, Urlencode, SHA1, MD5, Bin_ascii,Base64, UTF8, many more..) 
    *- Cookies bruteforcing
    *- Multithreading
    *- Proxy support
*- Multiple bruteforce points capability with different dictionaries 
    *- Authentication support (Ntlm, Digest,Basic)
    *- Authentication bruteforcing.
    *- All parameters bruteforcing (POST,GET)
*- Worldlist tailored for known applications (Weblogic,Iplanet,Tomcat, Domino, Oracle) and common applications file names. 
    *- Speed :)

Regards,

Christian Martorella
www.edge-security.com
laramies.blogspot.com
__________________________________________________ Preguntá. Respondé. Descubrí. Todo lo que querías saber, y lo que ni imaginabas, está en Yahoo! Respuestas (Beta). ¡Probalo ya! http://www.yahoo.com.ar/respuestas 

-------------------------------------------------------------------------
Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! 
https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: