Home page logo

pen-test logo Penetration Testing mailing list archives

Release of webshag 1.00!
From: webshag () scrt ch
Date: 20 Mar 2008 08:46:19 -0000

Webshag is a free, multi-threaded, multi-platform web server audit tool.

Written in Python, it gathers commonly useful functionalities for web server auditing like website crawling, URL 
scanning or file fuzzing. It also provides innovative functionalities like the capability of retrieving  the list of 
domain names hosted on a target machine and file fuzzing using *dynamically* generated filenames (in addition to common 
list-based fuzzing).

Webshag URL scanner and file fuzzer are aimed at reducing the number of false positives and thus producing cleaner 
result sets. For this purpose, 
webshag implements a web page fingerprinting mechanism resistant to content changes. This fingerprinting mechanism is 
then used in a false positive removal algorithm specially aimed at dealing with "soft 404" server responses.

Webshag provides a full featured and intuitive graphical user interface as well as a text-based command line interface.

It is freely downloadable (GPL license) for Linux and Windows platforms from

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!


  By Date           By Thread  

Current thread:
  • Release of webshag 1.00! webshag (Mar 20)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]