Download Latest Version v5.2.1 source code.zip (3.5 MB)
Email in envelope

Get an email when there's a new version of waymap

Home / v5.2.1
Name Modified Size InfoDownloads / Week
Parent folder
README.md 2024-11-11 2.7 kB
0
v5.2.1 source code.tar.gz 2024-11-11 3.5 MB
0
v5.2.1 source code.zip 2024-11-11 3.5 MB
0
Totals: 3 Items   7.0 MB 0

Waymap - Web Vulnerability Scanner.

Current Version: 5.1.1 Author: Trix Cyrus
Copyright: © 2024 Trixsec Org
Maintained: Yes

What is Waymap?

Waymap is a fast and optimized And Automated web vulnerability scanner designed for penetration testers. It effectively identifies vulnerabilities by testing against a variety of payloads.

Latest Update

v5.2.1

  • New Sql Injection Scanning Module
  • High Accuracy And Less False Positive
  • Access it using: --scan sqli

Waymap Features

  1. Vulnerability Scanning Modules:
  2. SQL Injection (SQLi)
  3. Command Injection
  4. Server-Side Template Injection (SSTI) with threading support
  5. Cross-Site Scripting (XSS) with filter bypass payload testing and threading support
  6. Local File Inclusion (LFI) with threading support
  7. Open Redirect with custom thread count
  8. Carriage Return and Line Feed (CRLF) with custom threading
  9. Cross-Origin Resource Sharing (CORS) with threading support

  10. Critical and High-Risk Scan Profiles using CVE exploits (32 CVEs: WordPress - 19, Drupal - 4, Joomla - 7, Generic/Others - 2)

  11. Web Crawling:

  12. Initial crawling functionality
  13. Enhanced crawler to operate within target domain boundaries and handle URL redirection
  14. Advanced crawler capable of any-depth crawling

  15. Improved v3 crawler (competitive with SQLmap crawler)

  16. Concurrency & Threading:

  17. Concurrency to utilize multiple CPU threads for faster scans
  18. Custom thread count for Open Redirect, CRLF, and CORS scans

  19. New argument --threads/-T for global threading count (no prompt for threads)

  20. Multi-Target Scanning:

  21. Support for scanning multiple URLs with --multi-target {targetfilename}.txt

  22. Ability to scan URLs directly without crawling using --url/-u and --multi-url/-mu arguments

  23. Automation and Convenience:

  24. Auto-update functionality (version-dependent)
  25. New argument --check-updates to check for and perform updates
  26. New argument --random-agent to randomize user-agents
  27. Header usage to make requests appear more legitimate and reduce detection/blocking

  28. Argument --no-prompt/-np to disable prompts (default input = 'n')

  29. Scan Profiles & Severity-Based Scanning:

  30. New critical and high-risk scan profiles (--scan critical-risk and --scan high-risk) using severity-based CVE exploits

  31. Argument --profile critical-risk/high-risk with --profileurl for streamlined scanning based on CVE severity

  32. Logging and Stability:

  33. Logging functionality for scan sessions
  34. Various bug fixes and optimizations for stability and processing speed
Source: README.md, updated 2024-11-11