WebPwn3r is a Web Applications Security Scanner coded in Python to help Security Researchers to scan Multiple links in the same time against Remote Code/Command Execution & XSS Vulnerabilities.

You can extract the URL’s from Burp Suite and save it in list.txt then pass it to WebPwn3r.

You can also use your own crowler to gather URL’s for a certain domain or a random domains, and save it in list.txt then pass it to WebPwn3r.

1- Scan a URL or List of URL’s

2- Detect and Exploit Remote Code  Injection Vulnerabilities.

3- ~ ~ ~ Remote Command  Execution Vulnerabilities.

4- ~ ~ ~ Typical XSS Vulnerabilities.

5- Detect WebKnight WAF.

6- Improved Payloads to bypass Security Filters/WAF’s.

7- Finger-Print the backend Technologies.