DotDotPwn v3.0.2 - The Directory Traversal Fuzzer.

DotDotPwn v3.0.2 – The Directory Traversal Fuzzer.

DotDotPwn It’s a very flexible intelligent fuzzer to discover traversal directory vulnerabilities in software such as HTTP/FTP/TFTP servers, Web platforms such as CMSs, ERPs, Blogs, etc.
Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module. It’s written in perl programming language and can be run either under OS X, *NIX or Windows platforms. It’s the first Mexican tool included in BackTrack Linux (BT4 R2).

DotDotPwn v3.0.2

DotDotPwn v3.0.2

Fuzzing modules supported in this version:
– HTTP
– HTTP URL
– FTP
– TFTP
– Payload (Protocol independent)
– STDOUT

Changelog DotDotPwn v3.0.2:
Bumping version number to cover all the changes accumulated over the last two years or so, most notably:
* Several new and improved fuzz patterns
* Added more traversal prefix and suffixes
* Fixed reports folder bug
* Fixed mistaken server outage detection
* Fixed whitespace and typo issues
* Bisection module fixes
* Documentation updates
* More os specific file variants
* Removed Switch dependency
* Only require TFTP module if fuzzing TFTP

Usage and download from source:

Download stable: 3.0.2.zip  | 3.0.2.tar.gz
Source: http://dotdotpwn.blogspot.com/