Never Ending Security

It starts all here

Tag Archives: WebPwn3r

WebPwn3r Web Applications Security Scanner For Security Researchers


WebPwn3r – Web Applications Security Scanner. WebPwn3r is a Web Applications Security Scanner coded in Python to help Security Researchers to scan Multiple links in the same time against Remote Code/Command Execution & XSS Vulnerabilities.

This tool is very helpful to bug bounty hunters they can find the vulnerable on their websites and submit to Companies. And enjoy the bounty if your bug is accepted

How to use?

1- python scan.py

2- The tool will ask you if you want to scan URL or List of URL 1- Enter number 1 to scan a URL 2- Enter number 2 to scan list of URL’s

3- URL should be a full link with a parameters

.e.g http://localhost/rand/news.php?com=val&id=11&page=24&text=zigoo

same thing with the list of links.

In it’s Current Public [Demo] version, WebPwn3r got below Features:

1- Scan a URL or List of URL’s

2- Detect and Exploit Remote Code Injection Vulnerabilities.

3- Remote Command Execution Vulnerabilities.

4- Typical XSS Vulnerabilities.

5- Detect Web Knight WAF.

6- Improved Payloads to bypass Security Filters/WAF’s.

7- Finger-Print the backend Technologies.

Video:


More information can be found at: https://github.com/zigoo0/webpwn3r

Advertisements

WebPwn3r – Web Applications Security Scanner.


WebPwn3r

Web Applications Security Scanner

WebPwn3r is a Web Applications Security Scanner coded in Python to help Security Researchers to scan Multiple links in the same time against Remote Code/Command Execution & XSS Vulnerabilities.

WebPwn3r - Web Applications Security Scanner.

Features:

  • Scan a URL or List of URL’s
  • Detect and Exploit Remote Code  Injection Vulnerabilities.
  • ~ ~ ~ Remote Command  Execution Vulnerabilities.
  • ~ ~ ~ Typical XSS Vulnerabilities.
  • Detect WebKnight WAF.
  • Improved Payloads to bypass Security Filters/WAF’s.
  • Finger-Print the backend Technologies.

More information can be found at: https://github.com/zigoo0/webpwn3r and at: http://www.sec-down.com/wordpress/?p=373