1. The name of this tool is such that a layman might start pondering some other thoughts :-)..Webshag ... is actually a multi-threaded, multi-platform web server audit tool that's coded in Python and gathers useful common functionality for web server auditing like website crawling, URL scanning and file fuzzing.This can be used to scan a web server in HTTP or HTTPS, through a proxy and using HTTP authentication. In addition to that it proposes innovative IDS evasion functionalities aimed at making correlation between request more complicated. It also provides innovative functionalities like the capability of retrieving the list of domain names hosted on a target machine and file fuzzing using dynamically generated filenames (in addition to common list-based fuzzing).This post gives out a stepped screenshot on how to use it in Kali Linux for auditing a website.
The post shows the screen-shots for a Webshag version 1.10....that's the latest as on date...like always I have...this tool is too an opensource tool with a great functionality.....