top of page

Wapiti – A Smarter Way To Find Web Vulnerability

Hello everyone,

I am Nitin yadav(KD) back again with another write-up

Wapiti is an amazing tool that provides us with detailed information about the vulnerabilities in our application. It scans for the presence of known vulnerabilities in our applications and notifies us so that we can report those vulnerabilities.

Wapiti helps you to audit the security of your websites or web applications. By using Wapiti you can quickly check for common vulnerabilities on your website.

How does Wapiti Works?

Wapiti is a black-box web application security scanner written in Python. And works as a "black-box" vulnerability scanner. So it won't study the source code of web applications but will work like a fuzzer, scanning the pages of the deployed web application, extracting links and forms and attacking the scripts, sending payloads, and looking for error messages, unique strings, or abnormal behaviors.

Its General Features:

  • Generates vulnerability reports in various formats (HTML, XML, JSON, TXT, CSV).

  • Can suspend and resume a scan or an attack (session mechanism using sqlite3 databases).

  • It can give you colors in the terminal to highlight vulnerabilities.

  • Different levels of verbosity.

  • Fast and easy way to activate/deactivate attack modules.

  • Adding a payload can be as easy as adding a line to a text file.

  • A configurable number of concurrent tasks to perform HTTP requests.

Modules Covered:

  • SQL Injections (Error based, boolean based, time-based) and XPath Injections

  • Cross-Site Scripting (XSS) reflected and permanent

  • File disclosure detection (local and remote include, require, fopen, readfile...)

  • Command Execution detection (eval(), system(), passtru()...)

  • XXE (Xml eXternal Entity) injection

  • CRLF Injection

  • Search for potentially dangerous files on the server (thanks to the Nikto db)

  • Bypass of weak htaccess configurations

  • Search for copies (backup) of scripts on the server

  • Shellshock

  • Folder and file enumeration (DirBuster like)

  • Server-Side Request Forgery (through use of an external Wapiti website)

  • Open Redirects

  • Detection of uncommon HTTP methods (like PUT)

  • Basic CSP Evaluator

  • Brute Force login form (using a dictionary list)

  • Checking HTTP security headers

  • Checking cookie security flags (secure and httponly flags)

  • Cross-Site Request Forgery (CSRF) basic detection

  • Fingerprinting of web applications using the Wappalyzer database

  • Enumeration of WordPress and Drupal modules

  • Detection of subdomain takeovers vulnerabilities

  • Log4Shell vulnerability detection (CVE-2021-44228)

Downloading the tool:

First, we will use git clone

Now move to its directory and run the file using the command

Now let's install it using pip

You can use this tool with the following command:

and see how you can use it as per your requirement

I hope you enjoy this one and I see you next time ;)

Take care and happy hacking!

404 views0 comments
bottom of page