exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 13 of 13

Files from Nicolas Surribas

Wapiti Web Application Vulnerability Scanner 3.0.5

Posted May 17, 2021

Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: Boolean based blind SQL injection support added. Added CSV as output format for Report. Multiple changes to cookie support. Fixed a session issue. New modules relating to WordPress and Drupal.

tags | tool, web, scanner, vulnerability

systems | unix

MD5 | 341a0e57851398e1c8f0c7ee4e261e79

Download | Favorite | View

Wapiti Web Application Vulnerability Scanner 3.0.4

Posted Feb 22, 2021

Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: Added more payloads for code execution. 5 new module updates. Additions to cross site scripting and SQL injection attacks. Various other updates.

tags | tool, web, scanner, vulnerability

systems | unix

MD5 | 4a1a74b4a8cdcd5b15cbc7292a17fb9c

Download | Favorite | View

Wapiti Web Application Vulnerability Scanner 3.0.3

Posted Feb 24, 2020

Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: Work was performed to reduce false positives in XSS detections.

tags | tool, web, scanner, vulnerability

systems | unix

MD5 | 39673c6f9593119051077731df2fa2da

Download | Favorite | View

Wapiti Web Application Vulnerability Scanner 3.0.2

Posted Sep 5, 2019

Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: New XXE module can send payloads in parameters, query string, file uploads and raw body. New module for detection Open Redirect vulnerabilities (header based our HTML meta based or JS based). Many other additions, updates, and improvements.

tags | tool, web, scanner, vulnerability

systems | unix

MD5 | 68c83750a7c16810d94c518cd1ba0246

Download | Favorite | View

Wapiti Web Application Vulnerability Scanner 3.0.1

Posted May 13, 2018

Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: New module mod_methods to detect interesting methods which might be allowed by scripts (PUT, PROPFIND, etc). New module mod_ssrf to detect Server Side Request Forgery vulnerabilities (requires Internet access). Improved mod_xss and mod_permanentxss modules to reduce false positives. Many other additions, updates, and improvements.

tags | tool, web, scanner, vulnerability

systems | unix

MD5 | 81009cdf0a792ebb47db4215d56fbb01

Download | Favorite | View

Wapiti Web Application Vulnerability Scanner 3.0.0

Posted Jan 3, 2018

Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: Ported to Python3. Added --list-modules and --resume-crawl options. Persister rewritten to use sqlite3 databases (for session management). Many other additions, updates, and improvements.

tags | tool, web, scanner, vulnerability

systems | unix

MD5 | 011ea6c1e9be485704224f719397d198

Download | Favorite | View

Exploiting Sudo's Grace Period

Posted Nov 20, 2014

Authored by Nicolas Surribas

Whitepaper called Exploiting sudo's grace period. This paper goes into detail on how to leverage sudo's grace period against a user in order to escalate privileges once basic access is achieved on their account.

tags | exploit

MD5 | 8ffcaf94322dd3845d285be873e3ed31

Download | Favorite | View

Wapiti Web Application Vulnerability Scanner 2.3.0

Posted Nov 27, 2013

Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: Wapiti now use the python-requests module for HTTP instead of httplib2. More pythonic code. A HTTPResource class was created to simplify module writing. New template for the HTML report generator. Various other updates and improvements.

tags | tool, web, scanner, vulnerability

systems | unix

MD5 | dd8b0ab120518215abf9c7b22251fd8b

Download | Favorite | View

Wapiti Web Application Vulnerability Scanner 2.2.0

Posted Dec 30, 2009

Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: Various options and modules added. Various bug fixes.

tags | tool, web, scanner, vulnerability

systems | unix

MD5 | 30272cc01f3fbda91f83542be3487a5d

Download | Favorite | View

Wapiti Web Application Vulnerability Scanner

Posted Apr 6, 2009

Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: Added more patterns for file handling vulnerabilities in PHP. Added GET_SQL and POST_SQL as modules (-m) for attacks. Modified getcookie.py and cookie.py so they try to get the cookies even if cookielib fails.

tags | tool, web, scanner, vulnerability

systems | unix

MD5 | 6ee8da782ba48e050ff346561888c555

Download | Favorite | View

wapiti-1.1.4.zip

Posted Oct 14, 2006

Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

tags | tool, web, scanner, vulnerability

systems | unix

MD5 | 13919bc991c54faf4a2266c0114f7785

Download | Favorite | View

wapiti-1.1.3.zip

Posted Aug 27, 2006

Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: Fixed a timeout bug.

tags | tool, web, scanner, vulnerability

systems | unix

MD5 | 2dea7ceab6572592a8b90f621f3c2e90

Download | Favorite | View

wapiti-1.1.0.zip

Posted Aug 17, 2006

Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

tags | tool, web, scanner, vulnerability

systems | unix

MD5 | d688ebb6c11e6df54819340b0b9ccddc

Download | Favorite | View