Download
Wapiti is a vulnerability scanner for web applications.
It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects...
It use the Python 3 programming language.
Features
- Fast and easy to use
- Generates vulnerability reports in various formats (HTML, XML, JSON, TXT...)
- Can suspend and resume a scan or an attack
- Can give you colors in the terminal to highlight vulnerabilities
- Different levels of verbosity
- Adding a payload can be as easy as adding a line to a text file
- Support HTTP and HTTPS proxies
- Authentication via several methods : Basic, Digest, Kerberos or NTLM
- Ability to restrain the scope of the scan (domain, folder, webpage)
- Safeguards against scan endless-loops (max number of values for a parameter)
- Can exclude some URLs of the scan and attacks (eg: logout URL)
- Extract URLs from Flash SWF files
- Try to extract URLs from javascript (very basic JS interpreter)
- ... and more features described on the website !
Project Samples
License
GNU General Public License version 2.0 (GPLv2)Other Useful Business Software
The All-in-One Commerce Platform for Businesses - Shopify
Shopify is a leading all-in-one commerce platform that enables businesses to start, build, and grow their online and physical stores. It offers tools to create customized websites, manage inventory, process payments, and sell across multiple channels including online, in-person, wholesale, and global markets. The platform includes integrated marketing tools, analytics, and customer engagement features to help merchants reach and retain customers. Shopify supports thousands of third-party apps and offers developer-friendly APIs for custom solutions. With world-class checkout technology, Shopify powers over 150 million high-intent shoppers worldwide. Its reliable, scalable infrastructure ensures fast performance and seamless operations at any business size.
Rate This Project
Login To Rate This Project
User Reviews
-
Very well done. We have been looking at tools to help secure web applications. They were either obnoxiously overpriced or just did not have the flexibility we were looking for. This has, so far, been quite easy to use and take the information to properly secure the applications.
-
Nice project ;-)
-
i have problem when want to using wapiti?? Wapiti-2.2.1 (wapiti.sourceforge.net) Traceback (most recent call last): File "wapiti.py", line 447, in <module> wap.browse(crawlerFile) File "wapiti.py", line 241, in browse self.urls, self.forms = self.HTTP.browse(crawlerFile) File "/home/dzhenway/Downloads/wapiti-2.2.1/src/net/HTTP.py", line 74, in browse self.myls.go(crawlerFile) File "/home/dzhenway/Downloads/wapiti-2.2.1/src/net/lswww.py", line 499, in go headers = self.browse(lien) File "/home/dzhenway/Downloads/wapiti-2.2.1/src/net/lswww.py", line 205, in browse info, data = self.h.request(url, headers = self.cookiejar.headers_url(url)) File "/home/dzhenway/Downloads/wapiti-2.2.1/src/net/httplib2/__init__.py", line 1084, in request (response, content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey) File "/home/dzhenway/Downloads/wapiti-2.2.1/src/net/httplib2/__init__.py", line 888, in _request (response, content) = self._conn_request(conn, request_uri, method, body, headers) File "/home/dzhenway/Downloads/wapiti-2.2.1/src/net/httplib2/__init__.py", line 856, in _conn_request raise ServerNotFoundError("Unable to find the server at %s" % conn.host) net.httplib2.ServerNotFoundError: Unable to find the server at -u anyone can help me please???
-
Nice and Easy to use.
-
good job