Web-Sorrow is a perl based tool for misconfiguration, version detection, enumeration, and server information scanning. Itβs entirely focused on Enumeration and collecting Info on the target server. Web-Sorrow is a βsafe to runβ program, meaning it is not designed to be an exploit or perform any harmful attacks.
> Web Services: a CMS and itβs version number, Social media widgets and buttons, Hosting provider, CMS plugins, and favicon fingerprints
Authentication areas: logins, admin logins, email webapps
Bruteforce: Subdomains, Files and Directories
Stealth: with -ninja you can gather valuable info on the target with as few as 6 requests, with -shadow you can request pages via google cache instead of from the host
AND MORE: Sensitive files, default files, source disclosure, directory indexing, banner grabbing (see below for full capabilities)