I am Nitin Yadav (KD), back again with another write-up.
Wapiti is an amazing tool that provides us with detailed information about the vulnerabilities in our application. It scans for the presence of known vulnerabilities in our applications and notifies us so that we can report those vulnerabilities.
Wapiti helps you to audit the security of your websites or web applications. By using Wapiti you can quickly check for common vulnerabilities on your website.
How does Wapiti work?
Wapiti is a "black-box" web application vulnerability scanner written in Python. It does not study the source code of the web application. Instead it works like a fuzzer: it scans the pages of the deployed web application, extracts links and forms, attacks the scripts by sending payloads, and looks for error messages, unique strings, or abnormal behaviors.
Its General Features:
Generates vulnerability reports in various formats (HTML, XML, JSON, TXT, CSV).
Can suspend and resume a scan or an attack (session mechanism using sqlite3 databases).
It can give you colors in the terminal to highlight vulnerabilities.
Different levels of verbosity.
Fast and easy way to activate/deactivate attack modules.
Adding a payload can be as easy as adding a line to a text file.
A configurable number of concurrent tasks to perform HTTP requests.
SQL Injections (Error based, boolean based, time-based) and XPath Injections
Cross-Site Scripting (XSS) reflected and permanent
File disclosure detection (local and remote include, require, fopen, readfile...)
Command Execution detection (eval(), system(), passthru()...)
XXE (Xml eXternal Entity) injection
Search for potentially dangerous files on the server (thanks to the Nikto db)
Bypass of weak htaccess configurations
Search for copies (backup) of scripts on the server
Folder and file enumeration (DirBuster like)
Server-Side Request Forgery (through use of an external Wapiti website)
Detection of uncommon HTTP methods (like PUT)
Basic CSP Evaluator
Brute Force login form (using a dictionary list)
Checking HTTP security headers
Checking cookie security flags (secure and httponly flags)
Cross-Site Request Forgery (CSRF) basic detection
Fingerprinting of web applications using the Wappalyzer database
Enumeration of WordPress and Drupal modules
Detection of subdomain takeover vulnerabilities
Log4Shell vulnerability detection (CVE-2021-44228)
Downloading the tool:
First, we will use git clone
Now move to its directory and run the setup.py file using the command
Now let's install it using pip
You can use this tool with the following command:
and see how you can use it as per your requirement
I hope you enjoy this one and I'll see you next time ;)
Take care and happy hacking!