WebVS is primarily an information gathering (Reconnisance) tool. It can be used to brute-force subdomains, directories, files and pages of websites by providing wordlists. It can also act as a spider and extract links and forms from a webpage or website by scanning recursively. The extracted forms can later be used to check for XSS vulnerabilities. We can extend this tool in future to support CSRF and SQL Injection vulnerabilities.
- [1] Crack subdomains
- [2] Crack directories/files/pages
- [3] Extract Links
- [4] Extract Forms