Wapiti Logo

Wapiti

0
Free
Visit Website

The web-application vulnerability scanner Wapiti allows you to audit the security of your websites or web applications. It performs 'black-box' scans by crawling webpages, looking for scripts and forms to inject data, and acts like a fuzzer to test vulnerabilities. Wapiti modules cover SQL Injections, Cross Site Scripting, File disclosure, Command Execution, XXE injection, CRLF Injection, Shellshock, Server Side Request Forgery, and more.

FEATURES

ALTERNATIVES

A collection of Ansible roles for hardening various systems and services

A wargame composed of 27 levels, with files needed in /vortex/ directory.

A vulnerable Android application demonstrating various security issues and vulnerabilities

Fast and customizable vulnerability scanner

Python-based extension for integrating a Yara scanner into Burp Suite for on-demand website scans based on custom rules.

tfsec is being replaced by Trivy, a more comprehensive open-source security solution

A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.

A tool for detecting and exploiting vulnerabilities in web applications