wapiti online with Winfy

We have hosted the application wapiti in order to run this application in our online workstations with Wine or directly.

Quick description about wapiti:

Wapiti is a vulnerability scanner for web applications.

It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects.

It use the Python 3 programming language.

Features:

• Fast and easy to use
• Generates vulnerability reports in various formats (HTML, XML, JSON, TXT.)
• Can suspend and resume a scan or an attack
• Can give you colors in the terminal to highlight vulnerabilities
• Different levels of verbosity
• Adding a payload can be as easy as adding a line to a text file
• Support HTTP and HTTPS proxies
• Authentication via several methods : Basic, Digest, Kerberos or NTLM
• Ability to restrain the scope of the scan (domain, folder, webpage)
• Safeguards against scan endless-loops (max number of values for a parameter)
• Can exclude some URLs of the scan and attacks (eg: logout URL)
• Extract URLs from Flash SWF files
• Try to extract URLs from javascript (very basic JS interpreter)
• . and more features described on the website !

Audience: Security Professionals, Security.
User interface: Command-line.
Programming Language: Python.
Categories: