Webslayer is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts,files, etc), brute force GET and POST parameters, bruteforce Forms parameters (User/Password), Fuzzing, etc. The tools has a payload generator and an easy and powerful results analyzer.
You can perform attacks like:Predictable resource locator, recursion supported (Discovery) Login forms brute force Session brute force Parameter brute force Parameter fuzzing and injection (XSS, SQL) Basic and Ntml authentication brute forcing Some features:Recursion Encodings: 15 encodings supported Authentication: supports Ntml and Basic Multiple payloads: you can use 2 payloads in different parts Proxy support (authentication supported) For predictable resource location it has: Recursion, common extensions, non standard code detection Multiple filters for improving the performance and for producing cleaner results Live filters Multithreads Session saving Integrated browser (webKit) Time delay between requests Attack balancing across multiple proxies Predefined dictionaries for predictable resource location, based on known servers (Thanks to Dark Raver, www.open-labs.org)