pkgsrc/security/wfuzz/DESCR
leot 7d472e0cb1 security/wfuzz: import wfuzz-3.1.0
Wfuzz has been created to facilitate the task in web applications
assessments and it is based on a simple concept: it replaces any
reference to the FUZZ keyword by the value of a given payload.

A payload in Wfuzz is a source of data.

This simple concept allows any input to be injected in any field of an
HTTP request, allowing to perform complex web security attacks in
different web application components such as: parameters,
authentication, forms, directories/files, headers, etc.

Wfuzz is more than a web content scanner:

 - Wfuzz could help you to secure your web applications by finding and
   exploiting web application vulnerabilities. Wfuzz's web application
   vulnerability scanner is supported by plugins.
 - Wfuzz is a completely modular framework and makes it easy for even
   the newest of Python developers to contribute. Building plugins is
   simple and takes little more than a few minutes.
 - Wfuzz exposes a simple language interface to the previous HTTP
   requests/responses performed using Wfuzz or other tools, such as Burp.
   This allows you to perform manual and semi-automatic tests with full
   context and understanding of your actions, without relying on a web
   application scanner underlying implementation.
2021-03-06 21:05:33 +00:00

24 lines
1.2 KiB
Text

Wfuzz has been created to facilitate the task in web applications
assessments and it is based on a simple concept: it replaces any
reference to the FUZZ keyword by the value of a given payload.
A payload in Wfuzz is a source of data.
This simple concept allows any input to be injected in any field of an
HTTP request, allowing to perform complex web security attacks in
different web application components such as: parameters,
authentication, forms, directories/files, headers, etc.
Wfuzz is more than a web content scanner:
- Wfuzz could help you to secure your web applications by finding and
exploiting web application vulnerabilities. Wfuzz's web application
vulnerability scanner is supported by plugins.
- Wfuzz is a completely modular framework and makes it easy for even
the newest of Python developers to contribute. Building plugins is
simple and takes little more than a few minutes.
- Wfuzz exposes a simple language interface to the previous HTTP
requests/responses performed using Wfuzz or other tools, such as Burp.
This allows you to perform manual and semi-automatic tests with full
context and understanding of your actions, without relying on a web
application scanner underlying implementation.