This project is not maintained for years, and was written when I started learning Python, but still people likes it :D. it only supports python2.7
WebPwn3r - Web Applications Security Scanner.
By Ebrahim Hegazy - @Zigoo0
Thanks: @lnxg33k, @dia2diab @Aelhemily, @okamalo
Please send all your feedback and suggestions to: zigoo.blog['at']@gmail.com
How to use:
1- python scan.py
2- The tool will ask you if you want to scan URL or List of urls?
1- Enter number 1 to scan a URL
2- Enter number 2 to scan list of URL's
3- URL should be a full link with a parameters
.e.g http://localhost/rand/news.php?com=val&id=11&page=24&text=zigoo
same thing with the list of links.
Demo Video: https://www.youtube.com/watch?v=B6kDUk-ehOE
In it’s Current Public [Demo] version, WebPwn3r got below Features:
1- Scan a URL or List of URL’s
2- Detect and Exploit Remote Code Injection Vulnerabilities.
3- ~ ~ ~ Remote Command Execution Vulnerabilities.
4- ~ ~ ~ SQL Injection Vulnerabilities.
5- ~ ~ ~ Typical XSS Vulnerabilities.
6- Detect WebKnight WAF.
7- Improved Payloads to bypass Security Filters/WAF’s.
8- Finger-Print the backend Technologies.
More details: http://www.sec-down.com/wordpress/?p=373