Monday, December 6, 2010

DotDotPwn v2.1 - The Directory Traversal Fuzzer

It's a very flexible intelligent fuzzer to discover traversal directory vulnerabilities in software such as Web/FTP/TFTP servers,Web platforms such as CMSs,ERPs,Blogs,etc.Also,it has a protocol independent module to send the desired payload to the host and port specified. On the other hand,it also could be used in a scripting way using the STDOUT module.It's written in perl programming language and can be run either under *NIX or Windows platforms.Fuzzing modules supported in this version:- HTTP - HTTP URL - FTP - TFTP - Payload (Protocol independent) - STDOUT

Now included in the Backtrack R2

- apt-get install dotdotpwn
- cpan -i HTTP::Lite


No comments: