What is the pricing for Wapiti?

Wapiti is a free Application Security tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://wapiti.sourceforge.net/ for download and installation instructions.

What are alternatives to Wapiti?

Popular alternatives to Wapiti include: 1. VulnSign Dynamic Application Security Testing - DAST tool for scanning web apps, microservices, and APIs for vulnerabilities (Commercial) 2. Halo Security Application Scanning - DAST tool for detecting web app vulnerabilities like SQL injection and XSS (Commercial) 3. Acunetix Web Application & API Security - DAST scanner for web apps & APIs with automated vuln detection & remediation (Commercial) 4. w3af - w3af is an open source web application security scanner that identifies over 200 types of vulnerabilities including XSS, SQL injection, and OS commanding in web applications. (Free) 5. Paros - A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features. (Free) Compare these tools and more at https://cybersectools.com/categories/application-security

Who should use Wapiti?

Wapiti is for security teams and organizations that need SQL Injection, Web Security, XSS. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Application Security tools can be found at https://cybersectools.com/categories/application-security

Wapiti

Web-application vulnerability scanner with extensive coverage of security testing modules.

Wapiti

Web-application vulnerability scanner with extensive coverage of security testing modules.

Visit Website

Data verified Apr 2026

Explore Application Security 48 Alternatives Compare Stacks Market Map Explore All Tools

ADYour product here. Reach security decision-makers.Launch a campaign

Wapiti Description

Application Security/Dynamic Application Security Testing

Sql Injection Web Security Xss

The web-application vulnerability scanner Wapiti allows you to audit the security of your websites or web applications. It performs 'black-box' scans by crawling webpages, looking for scripts and forms to inject data, and acts like a fuzzer to test vulnerabilities. Wapiti modules cover SQL Injections, Cross Site Scripting, File disclosure, Command Execution, XXE injection, CRLF Injection, Shellshock, Server Side Request Forgery, and more.

Wapiti Description

Application Security/Dynamic Application Security Testing

Sql Injection Web Security Xss

Wapiti FAQ

Common questions about Wapiti including features, pricing, alternatives, and user reviews.

Wapiti is Web-application vulnerability scanner with extensive coverage of security testing modules. It is a Application Security solution designed to help security teams with SQL Injection, Web Security, XSS.

Have more questions? Browse our categories or search for specific tools.