WebSlayer

[Nytro]

WebSlayer is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts,files, etc), brute force GET and POST parameters, bruteforce Forms parameters (User/Password), Fuzzing, etc. The tools has a payload generator and an easy and powerful results analyzer.

You can perform attacks like:

• Predictable resource locator, recursion supported (Discovery)
  

• Login forms brute force
  

• Session brute force
  

• Parameter brute force
  

• Parameter fuzzing and injection (XSS, SQL)
  

• Basic and Ntml authentication brute forcing
  

Features:

• Recursion
  
• Encodings: 15 encodings supported
  
• Authentication: supports Ntml and Basic
  
• Multiple payloads: you can use 2 payloads in different parts
  
• Proxy support (authentication supported)
  
• For predictable resource location it has: Recursion, common extensions, non standard code detection
  
• Multiple filters for improving the performance and for producing cleaner results
  
• Live filters
  
• Multithreads
  
• Session saving
  
• Integrated browser (webKit)
  
• Time delay between requests
  
• Attack balancing across multiple proxies
  

• Predefined dictionaries for predictable resource location, based on known servers (Thanks to Dark Raver, OPEN-LABS)
  

This site will be used to host the project files, and for issues management.

Official OWASP: site

Download:

https://code.google.com/p/webslayer/downloads/list

Sursa: https://code.google.com/p/webslayer/

[io.kent]

Cred ca merita incercat