Wapiti
Wapiti is a robust web application vulnerability scanner that conducts "black-box" security audits by crawling deployed web apps. It identifies potential vulnerabilities through payload injection, discerning between permanent and reflected XSS risks. Supporting both GET and POST methods, Wapiti generates vulnerability reports in multiple formats, enhancing web application security.
Top Wapiti Alternatives
Fuzzing Project
The Fuzzing Project enhances software security by employing a methodical approach to uncover bugs through random malformed inputs.
APIFuzzer
APIFuzzer enables users to fuzz test applications effortlessly using Swagger or OpenAPI definitions, eliminating the need for coding.
Mayhem Code Security
Mayhem Code Security offers a cutting-edge AI-driven platform designed for industries like aerospace and medical.
afl-unicorn
AFL-Unicorn enables users to fuzz binaries that can be emulated by the Unicorn Engine.
ClusterFuzz
ClusterFuzz serves as a robust fuzzing infrastructure designed to uncover security and stability vulnerabilities in software.
API Fuzzer
API Fuzzer empowers users to identify vulnerabilities in their APIs by fuzzing request attributes using established pentesting techniques.
ImmuneBytes
Their skilled penetration testers conduct thorough evaluations to uncover potential exploits...
Atheris
Built on libFuzzer, it excels in identifying vulnerabilities by leveraging Address Sanitizer and Undefined Behavior...
BlackArch Fuzzer
It incorporates 83 unique packages that generate random inputs to probe software vulnerabilities, helping testers...
Awesome Fuzzing
It features a curated collection of books, courses, tutorials, and tools, including vulnerable applications for...
Defensics Fuzz Testing
Users can leverage over 300 maintained fuzz testing suites, facilitating targeted testing across various protocols...
PortSwigger Burp Suite Professional
It streamlines repetitive tasks with smart automation while offering powerful manual tools, enabling users to...
Google ClusterFuzz
Leveraging advanced techniques, it automates bug filing and triage while supporting multiple fuzzing engines...
LibFuzzer
It tracks code coverage via LLVM's SanitizerCoverage, evolving input data to maximize testing efficiency...
Top Wapiti Features
- Black-box scanning capabilities
- Supports GET and POST attacks
- Multipart form support
- Payload injection in filenames
- Anomaly detection warnings
- Differentiates XSS types
- Generates comprehensive reports
- HTML
- XML
- JSON
- TXT formats
- Command-line interface
- Cross-platform compatibility
- Cookie fetching utility
- Easy installation via PIP
- Extensive manpage documentation
- Regular updates and support
- Open-source under GPL.
