Wondering what is wapiti web scanner and how it works? We can help you.

As part of our Server Management Services, we assist our customers with similar queries.

Today, let us see how our Support techs about this topic.

What is wapiti web scanner?

Basically, Wapiti is a black box scanner.

It only scans the webpage not source code fo the target.

Wapiti only discover’s the vulnerabilities in a web application and it is not an exploitation tool.

Also, Wapiti injects payloads to check the vulnerability.

Ethical hacking researchers of international institute of cyber security said that wapiti is quite handy in the initial phase of penetration testing.

After completing of the scan wapiti generates vulnerability report in various format like html, xml, json, txt.

Wapiti uses modules like database injection (PHP,ASP/JSP,SQL), cross-site scripting (XSS).

Wapiti search for dangerous files on the server.

For launching wapiti type wapiti/wapiti –help in linux terminal:-

There are lot of options which can use in scanning of the website for more options type wapiti –help as shown above

Today, let us discuss about few options provided by our Support Techs for scanning.

DEFAULT SCAN:-

Type wapiti https://testphp.vulnweb.com/.

• When test.php.vulneb.com was scan using wapiti and many vulnerabilities came out.
• Then in XSS module, this vulnerability is commonly use in cross-site scripting.

XSS is used in injecting the client-side scripts into web pages.

XSS is used in stealing victim’s browser cookies, sending unauthorise request to the victim.

SPECIFYING THE URL:-

Type:-

wapiti https://testphp.vulnweb.com/ -s https://testphp.vulnweb.com/categories.php

• -s option specify the url to start scanning with. The above two URLs webpages contains vulnerability for remote execution and the sql injection.
• Then, the above vulnerable URL can use in defacing website and sql injection attacks.

EXCLUDING THE URL:-

Type:-

wapiti https://testphp.vulnweb.com/ -x https://testphp.vulnweb.com/categories.php

Usually, URL which is excluded in the scan means the URL and its content will not scan in wapiti.

USING PROXY IN THE URL:-

Type

wapiti https://testphp.vulneb.com / -p https://18.234.209.2:3128/

Wapiti use the proxy server to scan the target and hide the identity of attacker.

But using a proxy sometimes expose your identity on the internet as some proxies are vulnerable too.

So be careful while using any proxy.

Proxy are easily available on the internet, simply type open proxies on your favorite search engine and you can easily grab one or you can use proxy from https://www.us-proxy.org/

USING THE TIMEOUT:-

Type

wapiti https://testphp.vulnweb.com/ -t 60

After setting the timeout for the target URL.

This is the maximum time in secs wapiti running will wait for the server to send a response.

wapiti will wait for 5 secs for the server to send a response for each request send.

Then, after 5 secs of sending the request wapiti will timeout.

HIGHLIGHTING THE VULNERABILITIES:-

Type

wapiti https://testphp.vulnweb.com/ -u

Then, after executing the above query -u will highlight the vulnerabilities in color which are found in the target URL.

VERBOSE SCAN OF THE URL:-

0: quiet (default) by default wapiti is using verbosity level is set to 0.

1: print each URL, print each & every URL of the target.

2: print every attack will print each & every attack that perform on the target.

Type

wapiti https://testphp.vulnweb.com/ -v 1

After using 1 as the -v parameter. The above URLs are the part of the target URL.

Then, type

wapiti https://testphp.vulnweb.com/ -v 2

Here, we are using 2 as -v parameter, it shows the type of attack which is useful in initial phase of pentesting.

Usually, It shows the type of attack URLs that perform on the target and save lot of time of the pentester.

[Need help with similar queries? We’d be happy to assist you]

Conclusion

In short, we saw how our Support Techs work on wapiti web scanner.