wapiti!

Wapiti is a command-line application. Here is an exemple of output example.txt against a vulnerable web application. You may find some useful informations in the README README and the INSTALL INSTALL files. >> Download Wapiti here << https://sourceforge.net/projects/wapiti/files/

wapiti alternatives

  • SHODAN

  • SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners.

    tags: search-by-device search-engine search-ip-address security-focused
  • Nikto

  • Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers.

    tags: security-utilities vulnerability vulnerability-scanner
  • skipfish

  • A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets. Ease of use: heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.

    tags: Discontinued command-line-interface vulnerability-scanner heuristic-detection reconnaissance
  • Acunetix

  • Audit your website security and web applications for SQL injection, Cross site scripting and other web vulnerabilities with Acunetix Web Security Scanner. Download Free Edition!

    tags: website-security
  • w3af

  • w3af is a Web Application Attack and Audit Framework

    tags: web-application-security web-security-scanner web-application-scanner web-hacking
  • IronWASP

  • IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can create their own custom security scanners using it. Though an advanced user with Python/Ruby scripting expertise would be able to make full use of the platform, a lot of the tool's features are simple enough to be used by absolute beginners.

    tags: internet-security penetration-testing web-application
  • Arachni

  • Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.

    tags: web-security xss sql-injection web-security-scanner web-application-scanner
  • Websecurify

  • Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.

    tags: chromium google-chrome internet-security penetration-testing security-focused
  • Intruder

  • Intruder is a proactive security monitoring platform for internet-facing systems.

    tags: hacking security-and-privacy security-as-a-service security-auditing security-testing
  • Golem Security Scanner

  • Golem Security Scanner is a powerful and intuitive website security scanner which uses a combination of proprietary and open source scanners to maximize the scan findings. Much less expensive for the paid version than other providers, with a free option which scans a portion of the site.

    tags: web-application-security website-security-scanner website-virus-scan