WebSlayer is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts,files, etc), brute force GET and POST parameters, bruteforce Forms parameters (User/Password), Fuzzing, etc. The tools has a payload generator and an easy and powerful results analyzer.
You can perform attacks like:
Predictable resource locator, recursion supported (Discovery)
Login forms brute force
Session brute force
Parameter brute force
Parameter fuzzing and injection (XSS, SQL)
Basic and Ntml authentication brute forcing
Features:
Recursion
Encodings: 15 encodings supported
Authentication: supports Ntml and Basic
Multiple payloads: you can use 2 payloads in different parts
Proxy support (authentication supported)
For predictable resource location it has: Recursion, common extensions, non standard code detection
Multiple filters for improving the performance and for producing cleaner results
Live filters
Multithreads
Session saving
Integrated browser (webKit)
Time delay between requests
Attack balancing across multiple proxies
Predefined dictionaries for predictable resource location, based on known servers (Thanks to Dark Raver, www.open-labs.org)
This site will be used to host the project files, and for issues management.
Official OWASP: site
Source-
great information very helpful
ReplyDeleteso helpful contents
ReplyDelete