Navigation



Powerfuzzer – Automated Customizable Web Fuzzer

Last updated: March 11, 2017 | 3,002 views

Powerfuzzer is a highly automated and fully customizable web fuzzer (HTTP protocol based application fuzzer) based on many other Open Source fuzzers available and information gathered from numerous security resources and websites.

It was designed to be user-friendly, modern, effective and to work consistently.

Powerfuzzer - Automated Customizable Web Fuzzer

It is also designed and coded to be modular and extendable, adding new checks should simply entail adding new methods.

It’s based on tools such as cfuzzer, fuzzled, fuzzer.pl, jbrofuzz, webscarab, wapiti, Socket Fuzzer and more.


Features

Currently, it is capable of identifying these problems:

  • Cross Site Scripting (XSS)
  • Injections (SQL, LDAP, Code, Commands and XPATH)
  • CRLF
  • HTTP 500 statuses (usually indicative of a possible misconfiguration/security flaw incl. buffer overflow)

You can download Powerfuzzer here:

powerfuzzer_v1_beta_patched_binary_installer_complete.exe

Or read more here.

Share43
Tweet
Share42
Buffer10
WhatsApp
Email
95 Shares
Posted in: Exploits/Vulnerabilities, Hacking Tools, Secure Coding

, ,


Latest Posts:


GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
January 1, 2021 - 100 Shares
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.
December 7, 2020 - 166 Shares
HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
November 6, 2020 - 171 Shares
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
November 3, 2020 - 234 Shares
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
October 22, 2020 - 101 Shares
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.
October 13, 2020 - 127 Shares


2 Responses to Powerfuzzer – Automated Customizable Web Fuzzer

  1. carlos March 14, 2017 at 5:41 pm #

    what is this for?

    • Darknet March 17, 2017 at 9:52 pm #

      Fuzzing..