Bobcares

What is wapiti web scanner?

by | Sep 26, 2021

Wondering what is wapiti web scanner and how it works? We can help you.

As part of our Server Management Services, we assist our customers with similar queries.

Today, let us see how our Support techs about this topic.

What is wapiti web scanner?

Basically, Wapiti is a black box scanner.

It only scans the webpage not source code fo the target.

Wapiti only discover’s the vulnerabilities in a web application and it is not an exploitation tool.

Also, Wapiti injects payloads to check the vulnerability.

Ethical hacking researchers of international institute of cyber security said that wapiti is quite handy in the initial phase of penetration testing.

After completing of the scan wapiti generates vulnerability report in various format like html, xml, json, txt.

Wapiti uses modules like database injection (PHP,ASP/JSP,SQL), cross-site scripting (XSS).

Wapiti search for dangerous files on the server.

For launching wapiti type wapiti/wapiti –help in linux terminal:-

There are lot of options which can use in scanning of the website for more options type wapiti –help as shown above

Today, let us discuss about few options provided by our Support Techs for scanning.

DEFAULT SCAN:-

Type wapiti https://testphp.vulnweb.com/.
  • When test.php.vulneb.com was scan using wapiti and many vulnerabilities came out.
  • Then in XSS module, this vulnerability is commonly use in cross-site scripting.

XSS is used in injecting the client-side scripts into web pages.

XSS is used in stealing victim’s browser cookies, sending unauthorise request to the victim.

SPECIFYING THE URL:-

Type:-

wapiti https://testphp.vulnweb.com/ -s https://testphp.vulnweb.com/categories.php
  • -s option specify the url to start scanning with. The above two URLs webpages contains vulnerability for remote execution and the sql injection.
  • Then, the above vulnerable URL can use in defacing website and sql injection attacks.

EXCLUDING THE URL:-

Type:-

wapiti https://testphp.vulnweb.com/ -x https://testphp.vulnweb.com/categories.php

Usually, URL which is excluded in the scan means the URL and its content will not scan in wapiti.

USING PROXY IN THE URL:-

Type

wapiti https://testphp.vulneb.com / -p https://18.234.209.2:3128/

Wapiti use the proxy server to scan the target and hide the identity of attacker.

But using a proxy sometimes expose your identity on the internet as some proxies are vulnerable too.

So be careful while using any proxy.

Proxy are easily available on the internet, simply type open proxies on your favorite search engine and you can easily grab one or you can use proxy from https://www.us-proxy.org/

USING THE TIMEOUT:-

Type

wapiti https://testphp.vulnweb.com/ -t 60

After setting the timeout for the target URL.

This is the maximum time in secs wapiti running will wait for the server to send a response.

wapiti will wait for 5 secs for the server to send a response for each request send.

Then, after 5 secs of sending the request wapiti will timeout.

HIGHLIGHTING THE VULNERABILITIES:-

Type

wapiti https://testphp.vulnweb.com/ -u

Then, after executing the above query -u will highlight the vulnerabilities in color which are found in the target URL.

VERBOSE SCAN OF THE URL:-

0: quiet (default) by default wapiti is using verbosity level is set to 0.

1: print each URL, print each & every URL of the target.

2: print every attack will print each & every attack that perform on the target.

Type

wapiti https://testphp.vulnweb.com/ -v 1

After using 1 as the -v parameter. The above URLs are the part of the target URL.

Then, type

wapiti https://testphp.vulnweb.com/ -v 2

Here, we are using 2 as -v parameter, it shows the type of attack which is useful in initial phase of pentesting.

Usually, It shows the type of attack URLs that perform on the target and save lot of time of the pentester.

[Need help with similar queries? We’d be happy to assist you]

Conclusion

In short, we saw how our Support Techs work on wapiti web scanner.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF