Skip to content

D3f4lt/wfuzz

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
externals
externals
 
 
framework
framework
 
 
patterns
patterns
 
 
plugins
plugins
 
 
wordlist
wordlist
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README
README
 
 
README.md
README.md
 
 
setup.py
setup.py
 
 
wfuzz.py
wfuzz.py
 
 

Repository files navigation

Wfuzz - The Web Bruteforcer

What is this?

Wfuzz is a tool designed to brutefore web applications, it's very flexible, it supports:

  • Recursion (when doing directory discovery)
  • Post data bruteforcing
  • Header bruteforcing
  • Output to HTML (easy for just clicking the links and checking the page, even with postdata!)
  • Colored output
  • Hide results by return code, word numbers, line numbers, etc.
  • Url encoding
  • Cookies
  • Multithreading
  • Proxy support
  • All parameter fuzzing
  • etc

It was created to facilitate the task in web applications assessments, it's a tool by pentesters for pentesters ;)

How does it works?

The tool is based on dictionaries or ranges, then you choose where you want to bruteforce just by replacing the value by the word FUZZ.

Check the README file for usage examples.

Download

Check github releases. Latest:

About

Web application bruteforcer

www.edge-security.com/wfuzz.php

Resources

Readme

License

GPL-2.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

4 tags

Packages

No packages published

Languages

  • Python 100.0%