handbook/tools/4.Exploitation/Scanner/General/Wapiti.md


2024-08-30 23:07:22 +00:00
## What is Wapiti?
Wapiti is an open-source web application vulnerability scanner designed to identify security vulnerabilities in web applications. It is written in Python and can be used on Linux, macOS, and Windows operating systems.
Wapiti is capable of identifying common vulnerabilities such as SQL injection, cross-site scripting (XSS), and file inclusion vulnerabilities. It can also identify other security issues such as weak passwords and configuration issues.
## Common Use and Commands
To use Wapiti, you need to download and install it on your local machine or server. Once installed, you can run Wapiti with the following command:
```
wapiti <TARGET_URL>
```
where `TARGET_URL` is the URL of the web application you want to scan. Wapiti will then start scanning the web application and report any vulnerabilities or security issues it finds.
Wapiti provides various command-line options to customize the scan, such as specifying the type of scan, excluding specific directories, or enabling verbose output. You can find more information about these options in the official documentation.
## More Information
If you want to learn more about Wapiti or contribute to its development, you can check out the official GitHub repository at [https://github.com/IFGHou/wapiti](https://github.com/IFGHou/wapiti).