Kali Linux ToolsScanner

DotDotPwn – The Directory Traversal Fuzzer


It’s a very flexible intelligent fuzzer to discover traversal directory vulnerabilities in software such as HTTP/FTP/TFTP servers, Web platforms such as CMSs, ERPs, Blogs, etc.

Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.

It’s written in perl programming language and can be run either under OS X, *NIX or Windows platforms. It’s the first Mexican tool included in BackTrack Linux (BT4 R2).

Fuzzing modules supported in this version:

  • HTTP
  • FTP
  • TFTP
  • Payload (Protocol independent)


Perl modules:

  • Net::FTP
  • TFTP (only required if fuzzing TFTP)
  • Time::HiRes
  • Socket
  • IO::Socket
  • Getopt::Std

You can easily install the missing modules doing the following as root:

# perl -MCPAN -e "install <MODULE_NAME>"


# cpan 
cpan> install <MODULE_NAME>

Download DotDotPwn

Oblivion – Data Leak Checker And OSINT Tool

Previous article

OpenCTI – Open Cyber Threat Intelligence Platform

Next article

You may also like


Leave a reply

Your email address will not be published. Required fields are marked *