Webshag-gui is a multi-threaded, multi-platform web server audit tool. Written in Python, it gathers commonly useful functionalities for web server auditing like website crawling, URL scanning or file fuzzing.
Webshag can be used to scan a web server in HTTP or HTTPS, through a proxy and using HTTP authentication (Basic and Digest). In addition to that it proposes innovative IDS evasion functionalities aimed at making correlation between request more complicated (e.g. use a different random per request HTTP proxy server).
cyborg@cyborg:~$ cd /pentest/enumeration/web/webshag/config/ cyborg@cyborg:/pentest/enumeration/web/webshag/config$ sudo gedit webshag.conf Edit /usr/local/bin/nmap to /usr/bin/nmap