4. Wapiti

Description:
Wapiti is an open-source web vulnerability scanner that allows users to audit the security of their web applications. It performs black-box testing, identifying vulnerabilities like SQL injections, XSS, and file inclusions by inspecting web pages and forms.

Examples:

    1. Basic Web Scan:
      • wapiti http://example.com

Explanation: Starts a vulnerability scan against the web application hosted at example.com. It will identify potential flaws like XSS and SQL injection.

    2. Scan Specific Depth Level:
      • wapiti http://example.com -d 2

Explanation: Sets the depth (-d 2) to control how deeply the scanner crawls into the site. A depth of 2 means it will follow links up to two levels deep.

    3. Excluding Specific URLs:
      • wapiti http://example.com --exclude 'logout'

Explanation: Tells Wapiti to ignore URLs containing the keyword logout. This prevents it from logging out of the session during scanning.

    4. Report Generation:
      • wapiti http://example.com -f html

Explanation: After the scan completes, generates an HTML report of the findings.