GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → wireghoul → Dotdotpwn

wireghoul / Dotdotpwn

Licence: gpl-3.0
DotDotPwn - The Directory Traversal Fuzzer

Programming Languages

perl
6916 projects

Labels

securitypenetration-testingfuzzer

Projects that are alternatives of or similar to Dotdotpwn

vaf
Vaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (-51.08%)
Mutual labels:  penetration-testing, fuzzer
Dirsearch
Web path scanner
Stars: ✭ 7,246 (+1105.66%)
Mutual labels:  penetration-testing, fuzzer
Katanaframework
The New Hacking Framework
Stars: ✭ 502 (-16.47%)
Mutual labels:  penetration-testing
Echidna
Ethereum smart contract fuzzer
Stars: ✭ 571 (-4.99%)
Mutual labels:  fuzzer
Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+5375.71%)
Mutual labels:  penetration-testing
Awesome Termux Hacking
⚡️An awesome list of the best Termux hacking tools
Stars: ✭ 509 (-15.31%)
Mutual labels:  penetration-testing
Nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+888.85%)
Mutual labels:  penetration-testing
Prjxray
Documenting the Xilinx 7-series bit-stream format.
Stars: ✭ 491 (-18.3%)
Mutual labels:  fuzzer
Scanners Box
A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Stars: ✭ 5,590 (+830.12%)
Mutual labels:  penetration-testing
Scantron
A distributed nmap / masscan scanning framework complete with an API client for automation workflows
Stars: ✭ 542 (-9.82%)
Mutual labels:  penetration-testing
Damn Vulnerable Graphql Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Stars: ✭ 567 (-5.66%)
Mutual labels:  penetration-testing
Whonow
A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (-11.31%)
Mutual labels:  penetration-testing
Fuzzapi
Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
Stars: ✭ 521 (-13.31%)
Mutual labels:  fuzzer
Funfuzz
A collection of fuzzers in a harness for testing the SpiderMonkey JavaScript engine.
Stars: ✭ 559 (-6.99%)
Mutual labels:  fuzzer
Linkedin2username
OSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (-16.14%)
Mutual labels:  penetration-testing
Tactical Exploitation
Modern tactical exploitation toolkit.
Stars: ✭ 585 (-2.66%)
Mutual labels:  penetration-testing
Commando Vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]
Stars: ✭ 5,030 (+736.94%)
Mutual labels:  penetration-testing
Jsfuzz
coverage guided fuzz testing for javascript
Stars: ✭ 532 (-11.48%)
Mutual labels:  fuzzer
Easy hack
Hack the World using Termux
Stars: ✭ 549 (-8.65%)
Mutual labels:  penetration-testing
Hashview
A web front-end for password cracking and analytics
Stars: ✭ 601 (+0%)
Mutual labels:  penetration-testing
View All Similar Projects ➔

DESCRIPTION

DotDotPwn - The Directory Traversal Fuzzer

It's a very flexible intelligent fuzzer to discover traversal directory vulnerabilities in software such as HTTP/FTP/TFTP servers, Web platforms such as CMSs, ERPs, Blogs, etc.

Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.

It's written in perl programming language and can be run either under OS X, *NIX or Windows platforms. It's the first Mexican tool included in BackTrack Linux (BT4 R2).

Fuzzing modules supported in this version:

  • HTTP
  • HTTP URL
  • FTP
  • TFTP
  • Payload (Protocol independent)
  • STDOUT

REQUIREMENTS

Perl modules:

  • Net::FTP
  • TFTP (only required if fuzzing TFTP)
  • Time::HiRes
  • Socket
  • IO::Socket
  • Getopt::Std

You can easily install the missing modules doing the following as root:

# perl -MCPAN -e "install <MODULE_NAME>"

or

# cpan 
cpan> install <MODULE_NAME>

EXAMPLES

Read EXAMPLES.txt

CONTACT

Official Website: http://dotdotpwn.sectester.net Official Email: [email protected] Bugs / Contributions / Improvements: [email protected]

AUTHORS

 Christian Navarrete aka chr1x         Alejandro Hernandez H. aka nitr0us
   http://twitter.com/chr1x              http://twitter.com/nitr0usmx
      [email protected]                  [email protected]
                                         http://www.brainoverflow.org

 CubilFelino Security Research Lab     Chatsubo [(in)Security Dark] Labs
   http://chr1x.sectester.net          http://chatsubo-labs.blogspot.com

CHANGE HISTORY

Read CHANGELOG.txt

LICENSE

DotDotPwn - The Directory Traversal Fuzzer
Copyright (C) 2012 Christian Navarrete and Alejandro Hernandez H.

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].