reddit hackernews mail facebook facebook linkedin


Tool for automating customized attacks against web applications.

- Brute force login and passwords in auth forms
- Directory disclosure ( use PATH list to the brute, and find HTTP status code )
- Test to find SQL Injection and XSS vulnerabilities
- Test to find SSRF
- Test to find Command injection
- Options to load ANTI-CSRF token each request
- Options to use random proxy per request
- Options to use random useragent per request
- Option for keep alive test (slowloris test)