WebPwn3r - A Web Application Security Scanner

WebPwn3r is a Python-based web application security scanner.


##############################################################
#| "WebPwn3r" Web Applications Security Scanner #
#| By Ebrahim Hegazy - @Zigoo0 #
#| This Version Supports Remote Code/Command Execution, XSS #
#| And SQL Injection. #
#| Thanks @lnxg33k, @dia2diab @Aelhemily, @okamalo #
#| More Details: http://www.sec-down.com/wordpress/?p=373 #
##############################################################

Features:

  • Scan a single URL or a list of URLs.
  • Detect and exploit Remote Code Injection vulnerabilities.
  • Detect and exploit Remote Command Execution vulnerabilities.
  • Detect and exploit SQL Injection vulnerabilities.
  • Detect and exploit typical XSS vulnerabilities.
  • Detect WebKnight WAF.
  • Improved payloads to bypass security filters/WAFs.
  • Fingerprint the backend technologies.

How To Use WebPwn3r

1. Run this:
python scan.py
2. The tool will ask whether you want to scan a single URL or a list of URLs:

Enter number 1 to scan a URL
Enter number 2 to scan list of URL's

Each URL should be a full link, including its parameters.

Example: http://localhost/rand/news.php?com=val&id=11&page=24&text=zigoo





Source: www.effecthacking.com