WebPwn3r - Web Applications Security Scanner.
Switch branches/tags
Nothing to show
Clone or download
Latest commit 3fb27bb May 21, 2014
Failed to load latest commit information.
.gitignore Initial commit Apr 13, 2014
LICENSE Initial commit Apr 13, 2014
README.md Update README.md May 19, 2014
headers.py Update headers.py May 17, 2014
scan.py Update scan.py May 21, 2014
vulnz.py Update vulnz.py May 20, 2014



WebPwn3r - Web Applications Security Scanner.

By Ebrahim Hegazy - @Zigoo0

Thanks: @lnxg33k, @dia2diab @Aelhemily, @okamalo

Please send all your feedback and suggestions to: zigoo.blog['at']@gmail.com

How to use:

1- python scan.py

2- The tool will ask you if you want to scan URL or List of urls?

1- Enter number 1 to scan a URL

2- Enter number 2 to scan list of URL's

3- URL should be a full link with a parameters

.e.g http://localhost/rand/news.php?com=val&id=11&page=24&text=zigoo

same thing with the list of links.

Demo Video: https://www.youtube.com/watch?v=B6kDUk-ehOE

In it’s Current Public [Demo] version, WebPwn3r got below Features:

1- Scan a URL or List of URL’s

2- Detect and Exploit Remote Code Injection Vulnerabilities.

3- ~ ~ ~ Remote Command Execution Vulnerabilities.

4- ~ ~ ~ SQL Injection Vulnerabilities.

5- ~ ~ ~ Typical XSS Vulnerabilities.

6- Detect WebKnight WAF.

7- Improved Payloads to bypass Security Filters/WAF’s.

8- Finger-Print the backend Technologies.

More details: http://www.sec-down.com/wordpress/?p=373