Sunday, July 25, 2010

PuzlBox - PHP fuzzer tool

PuzlBox is a PHP fuzz tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect the following vulnerabilities:

Arbitrary Command Execution
Arbitrary PHP Execution
Local File Inclusion
Aribtray File Read/Write/Change/Rename/Delete
SQL Injection
Reflected Cross-site Scripting


PuzlBox must be run as administrator!

puzlbox [-s Server (default localhost)] [-m Scan Modes (default CFLPSX)] [Absolute Web Root] [-n No Unhook] [Application Paths (comma delimited)]

No comments: