[Web-Sorrow v1.5] Versatile security scanner for the information disclosure and fingerprinting phases of pentesting
Web-Sorrow is a perl based tool for misconfiguration, version detection, enumeration, and server information scanning. It's entirely focused on Enumeration and collecting Info on the target server. Web-Sorrow is a "safe to run" program, meaning it is not designed to be an exploit or perform any harmful attacks.
Web Services: a CMS and it's version number, Social media widgets and buttons, Hosting provider, CMS plugins, and favicon fingerprints
Authentication areas: logins, admin logins, email webapps
Bruteforce: Subdomains, Files and Directories
Stealth: with -ninja you can gather valuable info on the target with as few as 6 requests, with -shadow you can request pages via google cache instead of from the host
AND MORE: Sensitive files, default files, source disclosure, directory indexing, banner grabbing (see below for full capabilities)
![[Web-Sorrow v1.5] Versatile security scanner for the information
disclosure and fingerprinting phases of pentesting](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyRheNJb8jywhE09IplhjY-RUrYlFwZGvC4uNcBG1DazQ_BtkLo2QTPu8HaiuzVB-6i0tSGBi5yNLW1PslPPVzGntzM-Q4SHZgzh-O3_ieMJJUzxwnHaGC2FeM2ZvXwwzsRQFhoJu6Od0/s72-c/Web-Sorrow.png)