DE

URL Fuzzer: Website Directory Scanner

Use URL fuzzer to find files, routes, and directories in web apps that are hidden, sensitive, or vulnerable to cyber-attacks. Prevent sensitive data exposure and the loss of passwords, cryptographic keys, tokens, and other information that can compromise your whole system.

  • File Inclusion
  • Directory Fuzzer
  • File Fuzzer
  • Directory Traversal
Hirmer
Alltron
Flixbus
Instana
Ottonova
Atoss
Acrolinx
Netfonds

Crashtest Security helps you with security reports and checklists to get solutions to every weakness while significantly decreasing the time and budget on manual pentesting.

URL Fuzzer is one of the solutions we offer. As a black box software testing provider, our technique also helps you discover the complete OWASP Top 10 vulnerability list, like SQL injections, CSRF, XXE, and many more.

Create

Create a scan target

1

Configure

Configure Credentials (System and application)

2

CI Integration

Create a webhook and start a scan via the CI Integration

3

Set notification

Integrate chat notification (for example, Slack or Mattermost)

4

Download report

Receive extensive reports with remediation advice

5

Benefits

Discover hidden files and directories

  • Detect Sensitive Data Exposure. Before hackers do, locate important information in your web asset, like secret files and directories.
  • Extend the overview of vulnerabilities. Use this tool to detect hidden pathways in your web apps containing vulnerabilities.
  • Check for misconfigurations. Check if the uncovered files and directories have the correct permissions and contain sensitive data.
  • Most modern development stacks are compatible with Crashtest Security, so testing teams don’t have to worry about the underlying programming language or application logic to find the vulnerabilities.

Reports

Ample report for your URL fuzzing

We provide you with a report where to find risks, their impact, and mitigation advice for each vulnerability to help you regularly assess your security exposure.

Detected vulnerabilities

  • Identified files and directories
  • The HTTP response code for each file
  • And much more

Scheduling

Set a schedule for regular web app scanning, and we will provide you with the test results, either via email or your preferred chat tool.

Various report formats

Set a schedule for regular web app scanning, and we will provide you with the test results, either via email or your preferred chat tool.