Dotdotpwn

Jul 20, 2023

Fuzzer to discover traversal directory vulnerabilities

DotDotPwn - The Directory Traversal Fuzzer

It is a very flexible intelligent fuzzer to discover traversal directory vulnerabilities in software such as HTTP/FTP/TFTP servers, Web platforms such as CMSs, ERPs, Blogs, etc.

It has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.

It is written in Perl.



Checkout these related ports:
  • Zzuf - Transparent application input fuzzer
  • Zlint - X.509 certificate linter
  • Zeronet - Decentralized websites using Bitcoin crypto and BitTorrent network
  • Zenmap - GUI frontend for the Nmap scanning utility
  • Zeek - System for detecting network intruders in real-time
  • Zaproxy - The OWASP zed attack proxy
  • Yubioath-desktop - GUI for displaying OATH codes with a Yubikey
  • Yubikey-personalization-gui - Graphical YubiKey personalization tool
  • Yubikey-manager-qt - Cross-platform application for configuring any YubiKey
  • Yubikey-agent - Seamless ssh-agent for YubiKeys
  • Yubico-piv-tool - Yubico PIV tool
  • Ylva - Command line password manager and file encryption program
  • Ykpers - Library and tool for personalization of Yubico's YubiKey
  • Ykclient - Yubico C client library
  • Yersinia - Layer 2 vulnerability scanner (switches, spanning tree, 802.1q ...)