i Powerfuzzer – Web Application Fuzzer – All things in moderation

Powerfuzzer – Web Application Fuzzer


Powerfuzzer is a highly automated and fully customizable web fuzzer (HTTP protocol based application fuzzer) based on many other Open Source fuzzers available ( such as cfuzzer, fuzzled, fuzzer.pl, jbrofuzz, webscarab, wapiti, Socket Fuzzer) and information gathered from numerous security resources and websites. It was designed to be user friendly, modern, effective and working.


Currently, it is capable of identifying these problems:

– Cross Site Scripting (XSS)

– Injections (SQL, LDAP, code, commands, and XPATH)


– HTTP 500 statuses (usually indicative of a possible misconfiguration/security flaw incl. buffer overflow)

You can download from: http://www.powerfuzzer.com/

Usage Example

This tool design for easy to use:

Scanning interface:

Report interface:

Leave a Reply