Wapiti is a completely free web vulnerability scanner.
The project is alive. Despite the scanner's modest size (only 2.3 MB unzipped), its feature set is quite extensive. According to the official statement, the scanner can detect the following bugs:
Disclosure of file contents (local file inclusion), including backups and site source code;
SQL injection and PHP/ASP/JSP code injection;
Reflected and stored XSS;
OS Commands Injection;
XXE Injection;
Failed .htaccess configurations;
Open Redirect.
Wapiti3 supports proxies, authentication at the target site, knows how not to scream at self-made SSL certificates and can insert any headers into requests (including custom User-Agent).
Using the tool is very trivial. After installation, run this command in the terminal (yes, it's a console application):
Wapiti will scan the entire site and report accordingly. To exclude unnecessary addresses (e.g. logout), add the -x parameter, and authorized scans require cookies. To use them, first generate a JSON file using a special script. It is in bin/wapiti-getcookie and runs as follows:
[LOGIN_URL] is the login page address, and [USER] and [PASS] are the login and password, respectively. Then connect the ready file to the scanner:
The report is generated in HTML and saved in /home/[USER]/.wapiti/generated_report/[TARGET_HOST]_[DATE]_[ID].html, where [USER] is your login, [TARGET_HOST] is the target site, [DATE] is the date of scanning and [ID] is four numbers. You can open it in a browser and look it up.
The project is alive. Despite the scanner's modest size (only 2.3 MB unzipped), its feature set is quite extensive. According to the official statement, the scanner can detect the following bugs:
Disclosure of file contents (local file inclusion), including backups and site source code;
SQL injection and PHP/ASP/JSP code injection;
Reflected and stored XSS;
OS Commands Injection;
XXE Injection;
Failed .htaccess configurations;
Open Redirect.
Wapiti3 supports proxies, authentication at the target site, knows how not to scream at self-made SSL certificates and can insert any headers into requests (including custom User-Agent).
Using the tool is very trivial. After installation, run this command in the terminal (yes, it's a console application):
Code:
wapiti -u [URL]Code:
wapiti-getcookie -u [LOGIN_URL] -c cookies.json -d "username=[USER]&password=[PASS]"Code:
wapiti -u [URL] -x [EXCLUDE] -c cookies.json