Currently, it is capable of identifying these problems: - Cross Site Scripting (XSS) - Injections (SQL, LDAP, code, commands, and XPATH) - CRLF - HTTP 500 statuses (usually indicative of a possible misconfiguration/security flaw incl. buffer overflow) Designed and coded to be modular and extendable. Adding new checks should simply entail adding new methods. More Info and Download: http://powerfuzzer.sourceforge.net/ BTW; already tested and works good
