wapiti(1) [debian man page]

WAPITI(1)							   User Commands							 WAPITI(1)

NAME
       wapiti - a web application vulnerability scanner.

SYNOPSIS
       wapiti http://server.com/base/url/ [options]

DESCRIPTION
       Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but scans the web pages of the deployed web app, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.

OPTIONS
       -s, --start <url>
              specify a URL to start with.

       -x, --exclude <url>
              exclude a URL from the scan (for example logout scripts). You can also use a wildcard (*):
              Example: -x "http://server/base/?page=*&module=test"
              or -x "http://server/base/admin/*" to exclude a directory

       -p, --proxy <url_proxy>
              specify a proxy (-p http://proxy:port/)

       -c, --cookie <cookie_file>
              use a cookie

       -t, --timeout <timeout>
              set the timeout (in seconds)

       -a, --auth <login%password>
              set credentials (for HTTP authentication); doesn't work with Python 2.4

       -r, --remove <parameter_name>
              removes a parameter from URLs

       -m, --module <module>
              use a predefined set of scan/attack options:
              GET_ALL: only use GET requests (no POST)
              GET_XSS: only XSS attacks with HTTP GET method
              POST_XSS: only XSS attacks with HTTP POST method

       -u, --underline
              use color to highlight vulnerable parameters in output

       -v, --verbose <level>
              set the verbosity level: 0: quiet (default), 1: print each url, 2: print every attack

       -h, --help
              print help page

EFFICIENCY
       Wapiti is developed in Python and uses a library called lswww. This web spider library does most of the work. Unfortunately, the HTML parser module within Python only works with well-formed HTML pages, so lswww fails to extract information from badly coded web pages. Tidy can clean these web pages on the fly for us so lswww will give pretty good results. In order to make Wapiti far more efficient, you should:

              apt-get install python-utidylib python-ctypes

AUTHOR
       Copyright (C) 2006-2007 Nicolas Surribas <nicolas.surribas@gmail.com>
       Manpage created by Thomas Blasing <thomasbl@pool.math.tu-berlin.de>

       http://wapiti.sourceforge.net/

July 2007                                                                                                       WAPITI(1)
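
A scoped invocation built only from the options documented above, as an added example that is not part of the wapiti man page or project. The helper name wapiti_scoped, the DRY_RUN switch and the excluded paths are hypothetical, and the base-URL check is a restriction of this helper, not of wapiti.

```shell
#!/bin/sh
# Added example, not from the wapiti project. Uses only options documented
# on this page: -x (exclude), -t (timeout in seconds), -v (verbosity).
# wapiti_scoped, DRY_RUN and the sample paths below are hypothetical names.

wapiti_scoped() {
    base=$1
    # Helper-level restriction (an assumption, not a wapiti rule): require an
    # absolute base URL ending in "/" so exclusions are built under it.
    case $base in
        http://*/|https://*/) ;;
        *) echo "usage: wapiti_scoped http://host/base/ [excluded-path ...]" >&2
           return 2 ;;
    esac
    shift

    # Turn each remaining argument (a path relative to the base, possibly
    # containing the * wildcard) into "-x <base><path>". Everything stays
    # quoted, so "*" and "&" reach wapiti literally instead of being
    # interpreted by the shell.
    n=$#
    while [ "$n" -gt 0 ]; do
        set -- "$@" -x "${base}$1"
        shift
        n=$((n - 1))
    done

    # Final argument vector: base URL, exclusions, 10 s timeout, print each URL.
    set -- "$base" "$@" -t 10 -v 1

    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$@"      # one argument per line, for review
    else
        wapiti "$@"
    fi
}

# Constructed sample: keep the session alive by skipping the logout script,
# and leave the admin directory out of scope.
DRY_RUN=1 wapiti_scoped http://server/base/ 'logout.php' 'admin/*'
```

Run it with DRY_RUN=1 first to review the exact arguments, then without it to start the scan.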

Check Out this Related Man Page

POST(1) 						User Contributed Perl Documentation						   POST(1)

NAME
       lwp-request, GET, HEAD, POST - Simple WWW user agent

SYNOPSIS
       lwp-request [-aeEdvhx] [-m method] [-b <base URL>] [-t <timeout>] [-i <if-modified-since>] [-c <content-type>] [-C <credentials>] [-p <proxy-url>] [-o <format>] <url>...

DESCRIPTION
       This program can be used to send requests to WWW servers and your local file system. The request content for POST and PUT methods is read from stdin. The content of the response is printed on stdout. Error messages are printed on stderr. The program returns a status value indicating the number of URLs that failed.

       The options are:

       -m <method>
              Set which method to use for the request. If this option is not used, then the method is derived from the name of the program.

       -f     Force request through, even if the program believes that the method is illegal. The server might reject the request eventually.

       -b <uri>
              This URI will be used as the base URI for resolving all relative URIs given as argument.

       -t <timeout>
              Set the timeout value for the requests. The timeout is the amount of time that the program will wait for a response from the remote server before it fails. The default unit for the timeout value is seconds. You might append "m" or "h" to the timeout value to make it minutes or hours, respectively. The default timeout is '3m', i.e. 3 minutes.

       -i <time>
              Set the If-Modified-Since header in the request. If time is the name of a file, use the modification timestamp for this file. If time is not a file, it is parsed as a literal date. Take a look at HTTP::Date for recognized formats.

       -c <content-type>
              Set the Content-Type for the request. This option is only allowed for requests that take a content, i.e. POST and PUT. You can force methods to take content by using the "-f" option together with "-c". The default Content-Type for POST is "application/x-www-form-urlencoded". The default Content-Type for the others is "text/plain".

       -p <proxy-url>
              Set the proxy to be used for the requests. The program also loads proxy settings from the environment. You can disable this with the "-P" option.

       -H <header>
              Send this HTTP header with each request. You can specify several, e.g.:

                  lwp-request -H 'Referer: http://other.url/' -H 'Host: somehost' http://this.url/

       -C <username>:<password>
              Provide credentials for documents that are protected by Basic Authentication. If the document is protected and you did not specify the username and password with this option, then you will be prompted to provide these values.

       The following options control what is displayed by the program:

       -u     Print request method and absolute URL as requests are made.

       -U     Print request headers in addition to request method and absolute URL.

       -s     Print response status code. This option is always on for HEAD requests.

       -S     Print response status chain. This shows redirect and authorization requests that are handled by the library.

       -e     Print response headers. This option is always on for HEAD requests.

       -d     Do not print the content of the response.

       -o <format>
              Process HTML content in various ways before printing it. If the content type of the response is not HTML, then this option has no effect. The legal format values are: text, ps, links, html and dump.

              If you specify the text format then the HTML will be formatted as plain latin1 text. If you specify the ps format then it will be formatted as Postscript.

              The links format will output all links found in the HTML document. Relative links will be expanded to absolute ones.

              The html format will reformat the HTML code and the dump format will just dump the HTML syntax tree.

       -v     Print the version number of the program and quit.

       -h     Print usage message and quit.

       -x     Extra debugging output.

       -a     Set text(ascii) mode for content input and output. If this option is not used, content input and output is done in binary mode.

       Because this program is implemented using the LWP library, it will only support the protocols that LWP supports.

SEE ALSO
       lwp-mirror, LWP

COPYRIGHT
       Copyright 1995-1999 Gisle Aas.

       This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

AUTHOR
       Gisle Aas <gisle@aas.no>

libwww-perl-5.65                                                2003-01-27                                                POST(1)