GET YOUR VULNERABILITY AND THREAT DATABASE SUBSCRIPTION
EKOLABS 2016


Tools

Published on February 13th, 2017 | by MaxiSoler

1

Wfuzz v2.2 – Web Bruteforcer

Wfuzz is a web application brute forcer. Wfuzz was created to facilitate the task in web applications assessments and it is based on a simple concept: it replaces any reference to the keyword FUZZ by the value of a given payload.

A payload in Wfuzz is a source of input data.This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex brute force attacks in different web application components such as: parameters, authentication, forms, directories/files, headers, etc.

Wfuzz is a tool designed to brutefore web applications, it’s very flexible, it supports:

  • Recursion (when doing directory discovery)
  • Post data bruteforcing
  • Header bruteforcing
  • Output to HTML (easy for just clicking the links and checking the page, even with postdata!)
  • Colored output
  • Hide results by return code, word numbers, line numbers, etc.
  • Url encoding
  • Cookies
  • Multithreading
  • Proxy support
  • All parameter fuzzing

More Information: here

Thank you to Xavier Mendez, for sharing this tool with us.




Tags: , , , ,


About the Author

ToolsWatcher :) @maxisoler



One Response to Wfuzz v2.2 – Web Bruteforcer

  1. asd says:

    The appointeed address shows only up to version 2.1.4, just like github.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to Top ↑