Wapiti Icon

Wapiti

Wapiti is a web-application vulnerability scanner

5.0 Stars (11)
511 Downloads (This Week)
Last Update:
Download wapiti-2.2.0.zip
Browse All Files
Windows Mac Linux

Screenshots

Description

Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections... It use the Python programming language.

Wapiti Web Site

Features

  • Fast and easy to use
  • Generates vulnerability reports in various formats (HTML, XML, JSON, TXT...)
  • Can suspend and resume a scan or an attack
  • Can give you colors in the terminal to highlight vulnerabilities
  • Different levels of verbosity
  • Adding a payload can be as easy as adding a line to a text file
  • Support HTTP and HTTPS proxies
  • Authentication via several methods : Basic, Digest, Kerberos or NTLM
  • Ability to restrain the scope of the scan (domain, folder, webpage)
  • Safeguards against scan endless-loops (max number of values for a parameter)
  • Can exclude some URLs of the scan and attacks (eg: logout URL)
  • Extract URLs from Flash SWF files
  • Try to extract URLs from javascript (very basic JS interpreter)
  • ... and more features described on the website !

KEEP ME UPDATED

User Ratings

★★★★★
★★★★
★★★
★★
6
0
0
0
0
ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
Write a Review

User Reviews

  • 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    i have problem when want to using wapiti?? Wapiti-2.2.1 (wapiti.sourceforge.net) Traceback (most recent call last): File "wapiti.py", line 447, in <module> wap.browse(crawlerFile) File "wapiti.py", line 241, in browse self.urls, self.forms = self.HTTP.browse(crawlerFile) File "/home/dzhenway/Downloads/wapiti-2.2.1/src/net/HTTP.py", line 74, in browse self.myls.go(crawlerFile) File "/home/dzhenway/Downloads/wapiti-2.2.1/src/net/lswww.py", line 499, in go headers = self.browse(lien) File "/home/dzhenway/Downloads/wapiti-2.2.1/src/net/lswww.py", line 205, in browse info, data = self.h.request(url, headers = self.cookiejar.headers_url(url)) File "/home/dzhenway/Downloads/wapiti-2.2.1/src/net/httplib2/__init__.py", line 1084, in request (response, content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey) File "/home/dzhenway/Downloads/wapiti-2.2.1/src/net/httplib2/__init__.py", line 888, in _request (response, content) = self._conn_request(conn, request_uri, method, body, headers) File "/home/dzhenway/Downloads/wapiti-2.2.1/src/net/httplib2/__init__.py", line 856, in _conn_request raise ServerNotFoundError("Unable to find the server at %s" % conn.host) net.httplib2.ServerNotFoundError: Unable to find the server at -u anyone can help me please???

    Posted 09/14/2012
  • 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    good job!!

    Posted 04/16/2012
  • 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    Nice and Easy to use.

    Posted 04/08/2012
  • 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    good job

    Posted 07/11/2011
  • 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    I would like to request SSL support in a future release.

    Posted 05/26/2010
Read more reviews

Additional Project Details

Languages

English, French, German, Malay, Spanish

User Interface

Command-line

Programming Language

Python

Registered

2006-05-26

Thanks for helping keep SourceForge clean.

Screenshot instructions:
Windows
Mac
Red Hat Linux   Ubuntu

Click URL instructions:
Right-click on ad, choose "Copy Link", then paste here →
(This may not be possible with some types of ads)

More information about our ad policies
X

Briefly describe the problem (required):

Upload screenshot of ad (required):
Select a file, or drag & drop file here.

Please provide the ad click URL, if possible:

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks