Wfuzz - The web bruteforcer - Updated 1.4 - 20/01/2008

sec 
Edge-security group - Wfuzz
screenshot
    

         It's very flexible, here are some functionalities:

    * -Recursion (When doing directory bruteforce)
    * -Post, headers and authentication data bruteforcing
    * -Output to HTML (easy for just clicking the links and checking the page, even with postdata!!)
    * -Colored output on all systems ;)
    * -Hide results by return code, word numbers, line numbers, etc.
    * -Encodings:
          o - Random_upper
          o - Urlencode
          o - SHA1
          o - Bin_ascii
          o - Base64
          o - Double_nibble_hex
          o - Uri_hex
          o - MD5
          o - Double_urlencode
          o - UTF8
          o - UTF8 binary
          o - HTML
          o - HTML decimal
          o - many more... 
    * -Cookies fuzzing
    * -Multithreading
    * -Proxy support
    * -Multiple FUZZ capability with multiple dictionaries
    * -Authentication support (Ntlm, Digest,Basic)
    * -All parameters bruteforcing (POST and GET)
    * -Dictionaries tailored for known applications (Weblogic, Iplanet, Tomcat, Domino, Oracle 9i, Vignette, Coldfusion and many more. (Many dictionaries are from Darkraver's Dirb, www.open-labs.org)