PuzlBox is a PHP fuzz tool that scans for several different vulnerabilities by performing dynamic program analysis.
It can detect the following vulnerabilities:
Arbitrary Command Execution
Arbitrary PHP Execution
Local File Inclusion
Aribtray File Read/Write/Change/Rename/Delete
Reflected Cross-site Scripting
PuzlBox must be run as administrator!
Do not navigate to any of the target web applications during the scan.
puzlbox [-s Server (default localhost)] [-m Scan Modes (default CFLPSX)] [Absolute Web Root] [-n No Unhook] [Application Paths (comma delimited)]