w3bfukk0r 0.2 Forced Browsing Tool Released


w3bfukk0r is a forced browsing tool, it basically scans webservers (HTTP/HTTPS) for a directory by using HTTP HEAD command and brute force mechanism based on a word list. Features:

  • HTTP/HTTPS(SSL) support
  • Banner grabbing
  • User-Agent faking
  • Proxy support (HTTP/S)
  • Reports found and non-existend directories

Example output:

Note: Not all webservers are handling HTTP status codes correctly, so if the webserver doesn’t care about RFCs the report generated by w3bfukk0r may include false positives. Maybe we’ll find a good method to detect those false positives.

You can download w3bfukk0r 0.2 here:

w3bfukk0r-0.2.tar.gz

Posted in: Hacking Tools, Web Hacking


Latest Posts:


truffleHog - Search Git for High Entropy Strings with Commit History truffleHog – Search Git for High Entropy Strings with Commit History
truffleHog is a Python-based tool to search Git for high entropy strings, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
AIEngine - AI-driven Network Intrusion Detection System AIEngine – AI-driven Network Intrusion Detection System
AIEngine is a next-generation interactive/programmable Python/Ruby/Java/Lua and Go AI-driven Network Intrusion Detection System engine with many capabilities.
Sooty - SOC Analyst All-In-One CLI Tool Sooty – SOC Analyst All-In-One CLI Tool
Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.
UBoat - Proof Of Concept PoC HTTP Botnet Project UBoat – Proof Of Concept PoC HTTP Botnet Project
UBoat is a PoC HTTP Botnet designed to replicate a full weaponised commercial botnet like the famous large scale infectors Festi, Grum, Zeus and SpyEye.
LambdaGuard - AWS Lambda Serverless Security Scanner LambdaGuard – AWS Lambda Serverless Security Scanner
LambdaGuard is a tool which allows you to visualise and audit the security of your serverless assets, an open-source AWS Lambda Serverless Security Scanner.
exe2powershell - Convert EXE to BAT Files exe2powershell – Convert EXE to BAT Files
exe2powershell is used to convert EXE to BAT files, the previously well known tool for this was exe2bat, this is a version for modern Windows.


2 Responses to w3bfukk0r 0.2 Forced Browsing Tool Released

  1. ethernode November 20, 2006 at 1:01 pm #

    So basically this is a command-line POSIX intellitamper :)

  2. Getman December 5, 2006 at 11:10 pm #

    Can you add get request support ? To scan directory and files ?.

    Example :

    snprintf(buf,sizeof(buf),”GET %s%s HTTP/1.0\r\nUser-Agent: %s\r\nHost: %s:%u\r\nConnection: %s\r\n\r\n”,