Wfuzz - The web fuzzer
Project description
# Wfuzz - The Web Fuzzer
## What is this?
Wfuzz is a tool designed to fuzz web applications, it’s very flexible, it supports:
Recursion (when doing directory discovery)
Post data bruteforcing
Header bruteforcing
Output to HTML (easy for just clicking the links and checking the page, even with postdata!)
Colored output
Hide results by return code, word numbers, line numbers, etc.
Url encoding
Cookies
Multithreading
Proxy support
All parameter fuzzing
etc
It was created to facilitate the task in web applications assessments, it’s a tool by pentesters for pentesters ;)
## How does it works?
The tool is based on dictionaries or ranges, then you choose where you want to bruteforce just by replacing the value by the word FUZZ.
For further information check the wiki at https://github.com/xmendez/wfuzz/wiki.
Or check the README file for usage examples.
## Download
Check github releases. Latest:
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
