RedTeam
4.Exploitation
Scanner
General
Wapiti

What is Wapiti?

Wapiti is an open-source web application vulnerability scanner that is designed to identify security vulnerabilities in web applications. It is written in Python and can be used on Linux, macOS, and Windows operating systems.

Wapiti is capable of identifying common vulnerabilities such as SQL injection, cross-site scripting (XSS), file inclusion vulnerabilities, and more. It can also identify other security issues such as weak passwords, configuration issues, and more.


Common Use and Commands

To use Wapiti, you need to download and install it on your local machine or server. Once installed, you can run Wapiti with the following command:

`wapiti <TARGET_URL>`

where TARGET_URL is the URL of the web application you want to scan. Wapiti will then start scanning the web application and report any vulnerabilities or security issues it finds.

Wapiti provides various command-line options to customize the scan, such as specifying the type of scan, excluding specific directories, or enabling verbose output. You can find more information about these options in the official documentation.


More Information

If you want to learn more about Wapiti or contribute to its development, you can check out the official Github repository at https://github.com/IFGHou/wapiti (opens in a new tab).