17 November 2006 | 5,762 views

w3bfukk0r 0.2 Forced Browsing Tool Released

Check For Vulnerabilities with Acunetix

w3bfukk0r is a forced browsing tool, it basically scans webservers (HTTP/HTTPS) for a directory by using HTTP HEAD command and brute force mechanism based on a word list. Features:

  • HTTP/HTTPS(SSL) support
  • Banner grabbing
  • User-Agent faking
  • Proxy support (HTTP/S)
  • Reports found and non-existend directories

Example output:

Note: Not all webservers are handling HTTP status codes correctly, so if the webserver doesn’t care about RFCs the report generated by w3bfukk0r may include false positives. Maybe we’ll find a good method to detect those false positives.

You can download w3bfukk0r 0.2 here:



Recent in Hacking Tools:
- american fuzzy lop – Security Oriented Fuzzing Tool
- KeeFarce – Extract KeePass Passwords (2.x) From Database
- 0d1n – Web HTTP Fuzzing Tool

Related Posts:
- Google Safe Browsing Extension for Firefox & Netcraft Toolbar – Anti-Phishing
- Sandboxie – Sandbox Your Browser / Software / Programs In Windows
- Site Guesses Your Gender via Browsing History

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,940,331 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,277,274 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 659,207 views

Low-cost VPS Hosting

2 Responses to “w3bfukk0r 0.2 Forced Browsing Tool Released”

  1. ethernode 20 November 2006 at 1:01 pm Permalink

    So basically this is a command-line POSIX intellitamper :)

  2. Getman 5 December 2006 at 11:10 pm Permalink

    Can you add get request support ? To scan directory and files ?.

    Example :

    snprintf(buf,sizeof(buf),”GET %s%s HTTP/1.0\r\nUser-Agent: %s\r\nHost: %s:%u\r\nConnection: %s\r\n\r\n”,