Edge-security group - Wfuzz
It's very flexible, here are some functionalities:
* -Recursion (When doing directory bruteforce)
* -Post, headers and authentication data bruteforcing
* -Output to HTML (easy for just clicking the links and checking the page, even with postdata!!)
* -Colored output on all systems ;)
* -Hide results by return code, word numbers, line numbers, etc.
* -Encodings:
o - Random_upper
o - Urlencode
o - SHA1
o - Bin_ascii
o - Base64
o - Double_nibble_hex
o - Uri_hex
o - MD5
o - Double_urlencode
o - UTF8
o - UTF8 binary
o - HTML
o - HTML decimal
o - many more...
* -Cookies fuzzing
* -Multithreading
* -Proxy support
* -Multiple FUZZ capability with multiple dictionaries
* -Authentication support (Ntlm, Digest,Basic)
* -All parameters bruteforcing (POST and GET)
* -Dictionaries tailored for known applications (Weblogic, Iplanet, Tomcat, Domino, Oracle 9i, Vignette, Coldfusion and many more. (Many dictionaries are from Darkraver's Dirb, www.open-labs.org)