Wednesday, October 13, 2010

PuzlBox - PHP Vulnerability Scanner

PuzlBox is a PHP fuzz tool that scans for several different vulnerabilities by performing dynamic program analysis.

It can detect the following vulnerabilities:
Arbitrary Command Execution
Arbitrary PHP Execution
Local File Inclusion
Aribtray File Read/Write/Change/Rename/Delete
SQL Injection
Reflected Cross-site Scripting

Usage

PuzlBox must be run as administrator!
Do not navigate to any of the target web applications during the scan.
puzlbox [-s Server (default localhost)] [-m Scan Modes (default CFLPSX)] [Absolute Web Root] [-n No Unhook] [Application Paths (comma delimited)]

Download: http://sourceforge.net

No comments: