WebSlayer Package Description
Webslayer is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts,files, etc), brute force GET and POST parameters, bruteforce Forms parameters (User/Password), Fuzzing, etc. The tools has a payload generator and an easy and powerful results analyzer.
You can perform attacks like:
- Predictable resource locator, recursion supported (Discovery)
- Login forms brute force
- Session brute force
- Parameter brute force
- Parameter fuzzing and injection (XSS, SQL)
- Basic and Ntml authentication brute forcing
Some features:
- Recursion
- Encodings: 15 encodings supported
- Authentication: supports Ntml and Basic
- Multiple payloads: you can use 2 payloads in different parts
- Proxy support (authentication supported)
- For predictable resource location it has: Recursion, common extensions, non standard code detection
- Multiple filters for improving the performance and for producing cleaner results
- Live filters
- Multithreads
- Session saving
- Integrated browser (webKit)
- Time delay between requests
- Attack balancing across multiple proxies
- Predefined dictionaries for predictable resource location, based on known servers
Source: http://www.edge-security.com/webslayer.php
WebSlayer Homepage | Kali WebSlayer Repo
- Author: OWASP
- License: GPLv2
tools included in the webslayer package
webslayer – Web application bruteforcer
The web application bruteforcer.
webslayer Usage Example
[email protected]:~# webslayer
