wapiti-scanner / wapiti

submited by

Style Pass

2021-06-16 12:30:03

Wapiti works as a "black-box" vulnerability scanner, that means it won't study the source code of web applications but will work like a fuzzer, scanning the pages of the deployed web application, extracting links and forms and attacking the scripts, sending payloads and looking for error messages, special strings or abnormal behaviors.

Wapiti supports both GET and POST HTTP methods for attacks. It also supports multipart and can inject payloads in filenames (upload). Display a warning when an anomaly is found (for example 500 errors and timeouts) Makes the difference between permanent and reflected XSS vulnerabilities.

wapiti-scanner / wapiti

Leave a Comment

Related Posts

Recent Posts

Dezeen Magazine dezeen-logo dezeen-logo

Every day, AI increases the cost of being a public figure

Simon Willison’s Weblog

Improvements to the ghc-debug terminal interface

Hotel Wifi JavaScript Injection

Can India build a world-leading computer chip industry from scratch?

Why used Computers can be such Good Deals

Eglin AFB Pilot Likely Saw A Lighting Balloon, Not A UFO Pentagon Concludes

Nintendo Forcing Garry's Mod To Delete 20 Years' Worth Of Content

AG at CJEU: Facebook must "minimize" personal data for ads in EU

How I developed the fastest XML parser | Tobias Nickel

From hours to seconds: AI tools to detect animal calls

Unveiling the Political Geography of Ethiopia: Beyond the Commonsense

Search code, repositories, users, issues, pull requests...

Legal risks loom for Firefly users after Adobe’s AI image tool training exposed

Source Code With Emoji

Forget the AI doom and hype, let's make computers useful

Memgraph’s Deep Path Traversal Capabilities

Stripe, doubling down on embedded finance, de-couples payments from the rest of its stack

The Big Development Project: How much should it cost?