Webfuzz it's nice to bruteforce it =)
Wfuzz is a tool designed for bruteforcing Web Applications, it can be
used for finding resources not linked (directories, servlets, scripts,
etc), bruteforce GET and POST parameters for checking different kind
of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters
(User/Password), Fuzzing,etc.
http://www.edge-security.com/wfuzz.php
Regards,
On 5/23/07, s-williams@nyc.rr.com <s-williams@nyc.rr.com> wrote:
I am task with testing user accounts on our mail system. We currently have two
systems Exchange, and OpenMail for Linux which is on the DMZ. We are interested
in finding out how easy it might be for someone to guess the password of one or
our users account.
And if the are sucessful what can the do on the linux box, with that username
and password.
We have a main site with a link to the webmail system from there, ifi want to
test this which tool might be the best for doing this since its a link and not
the main page?
Thanks in advance
"A wise man ask questions, a fool is afraid of knowledge"
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
--
"If you are not part of solution,
you are part of the problem."
=========================
Rodrigo Ribeiro Montoro
BRConnection Security Team
spooker@brc.com.br
RHCE/LPIC-I
=========================
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
