WebSlayer Package Description

Webslayer is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts,files, etc), brute force GET and POST parameters, bruteforce Forms parameters (User/Password), Fuzzing, etc. The tools has a payload generator and an easy and powerful results analyzer.

You can perform attacks like:

  • Predictable resource locator, recursion supported (Discovery)
  • Login forms brute force
  • Session brute force
  • Parameter brute force
  • Parameter fuzzing and injection (XSS, SQL)
  • Basic and Ntml authentication brute forcing

Some features:

  • Recursion
  • Encodings: 15 encodings supported
  • Authentication: supports Ntml and Basic
  • Multiple payloads: you can use 2 payloads in different parts
  • Proxy support (authentication supported)
  • For predictable resource location it has: Recursion, common extensions, non standard code detection
  • Multiple filters for improving the performance and for producing cleaner results
  • Live filters
  • Multithreads
  • Session saving
  • Integrated browser (webKit)
  • Time delay between requests
  • Attack balancing across multiple proxies
  • Predefined dictionaries for predictable resource location, based on known servers

Source: http://www.edge-security.com/webslayer.php
WebSlayer Homepage | Kali WebSlayer Repo

  • Author: OWASP
  • License: GPLv2

tools included in the webslayer package

webslayer – Web application bruteforcer

The web application bruteforcer.

webslayer Usage Example

root@kali:~# webslayer