Wapiti searches for the following vulnerabilities


Post by subornaakter20 »

Wapiti

Also a pretty good console scanner. Like W9scan, it is ready to be launched in one command, but at the same time has many settings, thanks to which checking a site for vulnerabilities online is very convenient.


Shellshock.

In addition to the above, there are various authentication methods (Basic, Digest, Kerberos, NTLM), proxy support (HTTP, HTTPS and SOCKS5), SSL certificate support, the ability to add different HTTP headers or user-agent settings.

During testing, after checking php.testsparker.com, the scanner found the following vulnerabilities: Blind SQL Injection, Cross Site Scripting, Commands execution. On premium.bgabank.com, Wapiti, compared to other scanners, does not show such great success: it was able to detect only Cross Site Scripting.

After checking, an HTML report is also automatically created, which includes the categories and number of vulnerabilities identified along with their description, queries, URL commands, and recommendations for eliminating security flaws in the site.

As expected, Wapiti lags behind OWASP ZAP. However, its check results were better than those of W9scan, although directories and subdomains were not found, and service versions were not determined.

Arachni

A free, powerful tool that checks the security level of web applications and searches for vulnerabilities. It has a graphical interface and very rich functionality, which you can learn more about on the official website.

Active testing:

SQL injection - Error based detection.

Blind SQL injection using differential analysis.

Blind SQL injection using timing attacks.

NoSQL injection - Error based vulnerability detection.

Blind NoSQL injection using differential analysis.

Passive testing:

Allowed HTTP methods.

Backup files.

Backup directories.

Common administration interfaces.

General directories.

Common files.

Impressive, isn't it? But that's not all. "Web" includes many more plugins: Passive Proxy, Dictionary attacker for HTTP Auth, Cookie collector, WAF Detector and others.

The tool has a concise and pleasant interface.

Scan results on sites during testing. php.testsparker.com:

Cross-Site Scripting (XSS) in script context.

Blind SQL Injection (differential analysis).

Code injection.

Code injection (timing attack).

Operating system command injection (timing attack).

Operating system command injection.

On premium.bgabank.com, the scanner only detected the possibility of cross-site request forgery (CSRF) among critical vulnerabilities.

It should be noted that Arachni generates very visually attractive reports in HTML, XML, text, JSON, Marshal, YAML, AFR formats.

That is to say, Arachni is a pleasure to work with. It can be considered a must-have for any webmaster.