lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 24 Jan 2008 23:41:44 +0100
From: Christian Martorella <>
Subject: wfuzz v1.4 - The web bruteforcer

A new version of Wfuzz is available, many improvements and fixes since  
first release.

Wfuzz is a tool designed for bruteforcing Web Applications, it can be  
used for finding resources not linked (directories, files), bruteforce  
HEADERS, GET and POST parameters for checking different kind of  
injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/ 
Password), Fuzzing,etc.

It's very flexible, here are some functionalities:

    *-Recursion (When doing directory bruteforce)
    *-Post, headers and authentication data bruteforcing
    *-Output to HTML (easy for just clicking the links and checking  
the page, even with postdata!!)
    *-Colored output on all systems ;)
    *-Hide results by return code, word numbers, line numbers, etc.
    *-Encodings: (Random_upper, Urlencode, SHA1, MD5,  
Bin_ascii,Base64, UTF8, many more..)
    *- Cookies bruteforcing
    *- Multithreading
    *- Proxy support
    *- Multiple bruteforce points capability with different dictionaries
    *- Authentication support (Ntlm, Digest,Basic)
    *- Authentication bruteforcing.
    *- All parameters bruteforcing (POST,GET)
    *- Worldlist tailored for known applications  
(Weblogic,Iplanet,Tomcat, Domino, Oracle) and common applications file  
    *- Speed :)


Christian Martorella
Content of type "text/html" skipped

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Powered by blists - more mailing lists