Skip to content
Xavi Mendez edited this page Jan 26, 2015 · 8 revisions

Welcome to the wfuzz wiki!

Wfuzz - The Web Bruteforcer

What is this?

Wfuzz is a tool designed to brutefore web applications, it's very flexible, it supports:

  • Recursion (when doing directory discovery)
  • Post data bruteforcing
  • Header bruteforcing
  • Output to HTML (easy for just clicking the links and checking the page, even with postdata!)
  • Colored output
  • Hide results by return code, word numbers, line numbers, etc.
  • Url encoding
  • Cookies
  • Multithreading
  • Proxy support
  • All parameter fuzzing
  • etc

It was created to facilitate the task in web applications assessments, it's a tool by pentesters for pentesters ;)

Clone this wiki locally