Multi Purpose Hacking/ Pentesting Tools
What is Wfuzz?
Wfuzz is a hacking tool use created to brute force Web Applications. Some of the features of this tool includes multiple Injection points capability with multiple dictionaries, output to HTML, recursion (When doing directory bruteforce), colored output, post, headers and authentication data brute forcing, cookies fuzzing, time delays between requests, SOCK support, authentication support (NTLM, Basic), proxy support, payload combinations with iterators, HEAD scan (faster for resource discovery), brute force HTTP methods, multiple proxy support (each request through a different proxy) and hide results by return code, word numbers, line numbers, regex.
and a whole lot more…
Is Wfuzz Free?
Yes! Wfuzz is free.
Does Wfuzz Work on all Operating Systems?
It works on Linux, Windows and MAC OS X operating systems.
What are the Typical Uses for Wfuzz?
This tool is use to brute force Web Applications and can be used to find resources not linked (servlets, directories, scripts, etc.), POST parameters for various injections like SQL, LDAP, XSS, form parameters bruteforcing (username/password), fuzzing and a lot more.