Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

wapiti(1) [debian man page]

WAPITI(1)							   User Commands							 WAPITI(1)

NAME

       wapiti - a web application vulnerability scanner.

SYNOPSIS

       wapiti http://server.com/base/url/ [options]

DESCRIPTION

       Wapiti allows you to audit the security of your web applications.
       It  performs  "black-box"  scans,  i.e.	it  does  not study the source code of the application but will scans the webpages of the deployed
       webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer,  injecting  payloads	to
       see if a script is vulnerable.

OPTIONS

       -s, --start <url>
	    specify an url to start with.

       -x, --exclude <url>
	    exclude an url from the scan (for example logout scripts) you can also use a wildcard (*):
	    Example : -x "http://server/base/?page=*&module=test" or -x "http://server/base/admin/*" to exclude a directory

       -p, --proxy <url_proxy>
	    specify a proxy (-p http://proxy:port/)

       -c, --cookie <cookie_file>
	    use a cookie

       -t, --timeout <timeout>
	    set the timeout (in seconds)

       -a, --auth <login%password>
	    set credentials (for HTTP authentication) doesn't work with Python 2.4

       -r, --remove <parameter_name>
	    removes a parameter from URLs

       -m, --module <module>
	    use a predefined set of scan/attack options:
		 GET_ALL: only use GET request (no POST)
		 GET_XSS: only XSS attacks with HTTP GET method
		 POST_XSS: only XSS attacks with HTTP POST method

       -u, --underline
	    use color to highlight vulnerable parameters in output

       -v, --verbose <level>
	    set the verbosity level:
		 0: quiet (default),
		 1: print each url,
		 2: print every attack

       -h, --help
	    print help page

EFFICIENCY

       Wapiti  is  developed  in Python and use a library called lswww. This web spider library does the most of the work. Unfortunately, the html
       parsers module within python only works with well formed html pages so lswww fails to extract information from bad-coded webpages. Tidy can
       clean these webpages on the fly for us so lswww will give pretty good results. In order to make Wapiti far more efficient, you should:

		 apt-get install python-utidylib python-ctypes

AUTHOR

	    Copyright (C) 2006-2007 Nicolas Surribas <nicolas.surribas@gmail.com>

	    Manpage created by Thomas Blasing <thomasbl@pool.math.tu-berlin.de>

http://wapiti.sourceforge.net/					     July 2007								 WAPITI(1)

Check Out this Related Man Page

LWP-REQUEST(1p) 					User Contributed Perl Documentation					   LWP-REQUEST(1p)

NAME

       lwp-request, GET, POST, HEAD - Simple command line user agent

SYNOPSIS

       lwp-request [-afPuUsSedvhx] [-m method] [-b base URL] [-t timeout]
		   [-i if-modified-since] [-c content-type]
		   [-C credentials] [-p proxy-url] [-o format] url...

DESCRIPTION

       This program can be used to send requests to WWW servers and your local file system. The request content for POST and PUT methods is read
       from stdin.  The content of the response is printed on stdout.  Error messages are printed on stderr.  The program returns a status value
       indicating the number of URLs that failed.

       The options are:

       -m <method>
	   Set which method to use for the request.  If this option is not used, then the method is derived from the name of the program.

       -f  Force request through, even if the program believes that the method is illegal.  The server might reject the request eventually.

       -b <uri>
	   This URI will be used as the base URI for resolving all relative URIs given as argument.

       -t <timeout>
	   Set the timeout value for the requests.  The timeout is the amount of time that the program will wait for a response from the remote
	   server before it fails.  The default unit for the timeout value is seconds.	You might append "m" or "h" to the timeout value to make
	   it minutes or hours, respectively.  The default timeout is '3m', i.e. 3 minutes.

       -i <time>
	   Set the If-Modified-Since header in the request. If time is the name of a file, use the modification timestamp for this file. If time
	   is not a file, it is parsed as a literal date. Take a look at HTTP::Date for recognized formats.

       -c <content-type>
	   Set the Content-Type for the request.  This option is only allowed for requests that take a content, i.e. POST and PUT.  You can force
	   methods to take content by using the "-f" option together with "-c".  The default Content-Type for POST is
	   "application/x-www-form-urlencoded".  The default Content-type for the others is "text/plain".

       -p <proxy-url>
	   Set the proxy to be used for the requests.  The program also loads proxy settings from the environment.  You can disable this with the
	   "-P" option.

       -P  Don't load proxy settings from environment.

       -H <header>
	   Send this HTTP header with each request. You can specify several, e.g.:

	       lwp-request 
		   -H 'Referer: http://other.url/' 
		   -H 'Host: somehost' 
		   http://this.url/

       -C <username>:<password>
	   Provide credentials for documents that are protected by Basic Authentication.  If the document is protected and you did not specify the
	   username and password with this option, then you will be prompted to provide these values.

       The following options controls what is displayed by the program:

       -u  Print request method and absolute URL as requests are made.

       -U  Print request headers in addition to request method and absolute URL.

       -s  Print response status code.	This option is always on for HEAD requests.

       -S  Print response status chain. This shows redirect and authorization requests that are handled by the library.

       -e  Print response headers.  This option is always on for HEAD requests.

       -E  Print response status chain with full response headers.

       -d  Do not print the content of the response.

       -o <format>
	   Process HTML content in various ways before printing it.  If the content type of the response is not HTML, then this option has no
	   effect.  The legal format values are; text, ps, links, html and dump.

	   If you specify the text format then the HTML will be formatted as plain latin1 text.  If you specify the ps format then it will be
	   formatted as Postscript.

	   The links format will output all links found in the HTML document.  Relative links will be expanded to absolute ones.

	   The html format will reformat the HTML code and the dump format will just dump the HTML syntax tree.

	   Note that the "HTML-Tree" distribution needs to be installed for this option to work.  In addition the "HTML-Format" distribution needs
	   to be installed for -o text or -o ps to work.

       -v  Print the version number of the program and quit.

       -h  Print usage message and quit.

       -a  Set text(ascii) mode for content input and output.  If this option is not used, content input and output is done in binary mode.

       Because this program is implemented using the LWP library, it will only support the protocols that LWP supports.

SEE ALSO

       lwp-mirror, LWP

COPYRIGHT

       Copyright 1995-1999 Gisle Aas.

       This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

AUTHOR

       Gisle Aas <gisle@aas.no>

perl v5.14.2							    2012-02-11							   LWP-REQUEST(1p)
Man Page