We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
encoding
napkin http://www.0x90.org/releases/napkin/
sqli
bsql-bf2 http://code.google.com/p/bsqlbf-v2/
web raider http://www.mavitunasecurity.com/blog/webraider/
sqlsus for mysql http://sqlsus.sourceforge.net/index.html
sfx-sqli for ms-sql http://www.kachakil.com/papers/SFX-SQLi-en.htm
sqlbrute - ms-sql and oracle - http://www.justinclarke.com/archives/2006/03/sqlbrute.html
proxy
owasp zap (recommended, has fuzzdb plugin) https://github.com/zaproxy
burp suite http://portswigger.net/
cat http://www.contextis.co.uk/resources/tools/cat/
webscarab http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project#Download]
fuzzer
owasp Zap https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
burp intruder http://portswigger.net/
jbrofuzz http://sourceforge.net/projects/jbrofuzz/
webscarab http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project#Download
pywebfuzz, a python implementation of fuzzdb, and much more http://code.google.com/p/pywebfuzz/
other brute force tools
CMS Explorer (the file patterns are in fuzzdb, but cms-explorer does more than that) http://code.google.com/p/cms-explorer/