Web-Sorrow is a versatile security scanner for the information disclosure and fingerprinting phases of pentesting.Web-Sorrow is a perl based tool for misconfiguration, version detection, enumeration, and server information scanning. It's entirely focused on Enumeration and collecting Info on the target server. Web-Sorrow is a "safe to run" program, meaning it is not designed to be an exploit or perform any harmful attacks.
Basic overview of capabilities:
- Web Services: a CMS and it's version number, Social media widgets and buttons, Hosting provider, CMS plugins, and favicon fingerprints.
- Authentication areas: logins, admin logins, email webapps.
- Bruteforce: Subdomains, Files and Directories.
- Stealth: with -ninja you can gather valuable info on the target with as few as 6 requests, with -shadow you can request pages via google cache instead of from the host.
- AND MORE: Sensitive files, default files, source disclosure, directory indexing, banner grabbing (see below for full capabilities)
Download Here :: Web-Sorrow 1.5.0.zip
Source :: http://code.google.com/p/web-sorrow/