<>
Saturday, September 22, 2012
Home » Pentest » pentest scripts » python » DotDotPwn v3.0 - The Directory Traversal Fuzzer

DotDotPwn v3.0 - The Directory Traversal Fuzzer



DotDotPwn v3.0 - The Directory Traversal Fuzzer


Version: DotDotPwn v3.0
Release date: 03/Feb/2012 (Release at BugCon Security Conferences 2012)

Changes / Enhancements / Features:
  1. -X switch that implements the Bisection Algorithm in order to detect the exact deepness once a directory traversal vulnerability has been found. -http://en.wikipedia.org/wiki/Bisection_method
  2. -M switch to specify another method different from the default (GET) when the http module is used.
  3. Other HTTP methods are [POST | HEAD | COPY | MOVE]
  4. -e switch to specify the file extension to be appended at the end of each fuzz string (e.g. ".php", ".jpg", ".inc")
  5. New dots & slashes encodings (fuzz patterns) based on:https://www.owasp.org/index.php/Canonicalization,_locale_and_Unicode andhttp://wikisecure.net/security/uri-encoding-to-bypass-idsips
Supported modules:
- HTTP
- HTTP URL
- FTP
- TFTP
- Payload (Protocol independent)
- STDOUT

Feel free to download this new release from the following sites:



Source -

For More information -



Posted by at 12:05 PM
Information Security , ,
Share:

0 comments:

Post a Comment

:) :)) ;(( :-) =)) ;( ;-( :d :-d @-) :p :o :>) (o) [-( :-? (p) :-s (m) 8-) :-t :-b b-( :-# =p~ $-) (b) (f) x-) (k) (h) (c) cheer
Click to see the code!
To insert emoticon you must added at least one space before the code.

Subscribe to: Post Comments (Atom)
Welcome Back Visitor! Your Last Visit Was on Thur, Apr 10, 2025 09:34:26 AM
 
TOP