Monday, 12 December 2016

Wfuzz - Web Application Password Cracking Tool

Wfuzz is a web application password cracker that has a lot of features such as post data brute-forcing, header brute-forcing, colored output, URL encoding, cookie fuzzing, multi-threading, multiple proxy support, SOCK support, authentication support, baseline support, and more.



It also offers multiple Injection points capability with multiple dictionaries, and recursion (when doing directory brute-force), and the HEAD scan (faster resource discovery) feature.

Wfuzz allows you to define as many encoders as you need for each payload independently. It also allows you to combine your payloads in different ways by specifying iterators.