Tool and Usage
|Author||Carlos del Ojo, Christian Martorella|
|Latest release||2.2.11 |
Why this tool?
Wfuzz is a fuzzing tool written in Python. Tools like Wfuzz are typically used to test web applications and how they handle both expected as unexpected input.
Usage and audience
Wfuzz is commonly used for application fuzzing, application security, application testing, or web application analysis. Target users for this tool are developers and pentesters.
- Command line interface
- Extendable with custom tests and plugins
- Tool is modular
Example usage and output
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + More than 1000 GitHub stars
- + The source code of this software is available
Supported operating systems
Wfuzz is known to work on Linux.
Similar tools to Wfuzz:
Web Application Security Scanner aimed towards helping users evaluate the security of web applications
SQLMate is a security tool that calls itself a friend of SQLMap. It has similar functionality, yet comes with additional features like finding an admin panel and improved hash cracking. The tool can find possible vulnerable targets, with the option to save the results and feed it to others, like SQLMap.
Yasuo is a Ruby script that scans for vulnerable and exploitable third-party web applications.
This tool page was updated at . Found an improvement? Help the community by submitting an update.
Related tool information
- Fuzzing or fuzz testing is a technique to automatically test software. By providing the software unexpected inputs, the stability is tested. Any crashes or unexpected errors can reveal a weakness in the software.