Webshag a open web server audit tool multi-threaded, multi-platform written in Python, it gathers commonly useful functionalities for web server auditing like website crawling, URL scanning or file fuzzing.
Webshag supports both http and https , it can also be used through proxy. In addition to that it proposes innovative IDS evasion functionalities aimed at making correlation between request more complicated. you can use multiple proxy to make thing complicated for IDS or IPS.
 |
Webshag URL scanner and file fuzzer are aimed at reducing the number of false positives and thus producing cleaner result sets. For this purpose, webshag implements a web page fingerprinting mechanism resistant to content changes. This fingerprinting mechanism is then used in a false positive removal algorithm specially aimed at dealing with “soft 404″ server responses. Webshag provides a full featured and intuitive graphical user interface as well as a text-based command line interface and is available for Linux and Windows platforms, under GPL license
Requirements
- Python 2.5 or Python 2.6 (NOT compatible with Python 3.0)
- wxPython 2.8.9.0 (or greater) GUI toolkit
- Nmap port scanner (for port scanning module only)
- A valid Live Search AppID (for domain information module only)
Download Webshag
Related Blogs
- Related Blogs on Open Source
- Related Blogs on Penetration Testing
- How to choose a Pen Tester « Steven Branigan’s Blog
- Top Tools For Penetration Testing (Security Analysis/Hacking …
- Related Blogs on Web Application Scanner
Comments on this entry are closed.