Today blog post is about WebPwn3r 🙂
For those who never heared about WebPwn3r, let me introduce it to you.
You can extract the URL’s from Burp Suite and save it in list.txt then pass it to WebPwn3r.
You can also use your own crowler to gather URL’s for a certain domain or a random domains, and save it in list.txt then pass it to WebPwn3r.
In it’s Public Demo version, WebPwn3r got below Features:
1- Scan a URL or List of URL’s
2- Detect and Exploit Remote Code Injection Vulnerabilities.
3- ~ ~ ~ Remote Command Execution Vulnerabilities.
4- ~ ~ ~ Typical XSS Vulnerabilities.
5- Detect WebKnight WAF.
6- Improved Payloads to bypass Security Filters/WAF’s.
7- Finger-Print the backend Technologies.
The tool is under a heavy development 🙂
Demo Video for the tool:
To download the Tool: