wfuzz

wfuzz, designed for bruteforcing web applications, can be used for finding resources not linked, directories, servlets, scripts, bruteforce GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce forms parameters (User/Password), fuzzing, etc.