The web application bruteforcer

Launch project
  • alt text
  • alt text
  • alt text
Project name: Webslayer
Download: Google Code
Language: Python
Featured in:

Webslayer is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts,files, etc), brute force GET and POST parameters, bruteforce Forms parameters (User/Password), Fuzzing, etc. The tools has a payload generator and an easy and powerful results analyzer.

You can perform attacks like:
Predictable resource locator, recursion supported (Discovery)
Login forms brute force
Session brute force
Parameter brute force
Parameter fuzzing and injection (XSS, SQL)
Basic and Ntml authentication brute forcing

Some features:
Encodings: 15 encodings supported
Authentication: supports Ntml and Basic
Multiple payloads: you can use 2 payloads in different parts
Proxy support (authentication supported)
For predictable resource location it has: Recursion, common extensions, non standard code detection
Multiple filters for improving the performance and for producing cleaner results
Live filters
Session saving
Integrated browser (webKit)
Time delay between requests
Attack balancing across multiple proxies
Predefined dictionaries for predictable resource location, based on known servers
 (Thanks to Dark Raver,