This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Category:OWASP Wapiti Project

From OWASP
Jump to: navigation, search


OWASP Inactive Banner.jpg


OWASP Wapiti Project

Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scan the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.

Introduction

Web application vulnerability scanner / security auditor.


Description

Wapiti allows to audit the security of web applications in an easy way. It performs a "black-box" scans acting like a fuzzer, injecting payloads to see if an application is vulnerable. It has two principal parts, a crawler that explores the pages of the application and the attack module that injects the payloads and evaluates their responses. Wapiti is easy to use and it can detect the most common vulnerabilities (XSS, SQL Injection, File Handler Errors...). It provides to the user a complete report (html format) with the found vulnerabilities.


Licensing

OWASP Wapiti Project is free to use. It is licensed under the GNU Library or Lesser General Public License (LGPL).


Project Leader

Nicolas Surribas


Openhub

https://www.openhub.net/p/wapiti

Salesforge: https://sourceforge.net/projects/wapiti/

Quick Download

Download the latest release here.

Email List

Sign Up!

News and Events

Classifications

Owasp-incubator-trans-85.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files CODE.jpg

This category currently contains no pages or media.

Retrieved from "https://wiki.owasp.org/index.php?title=Category:OWASP_Wapiti_Project&oldid=209475"