Wapiti

Wapiti

Wapiti is a robust web application vulnerability scanner that conducts "black-box" security audits by crawling deployed web apps. It identifies potential vulnerabilities through payload injection, discerning between permanent and reflected XSS risks. Supporting both GET and POST methods, Wapiti generates vulnerability reports in multiple formats, enhancing web application security.

Top Wapiti Alternatives

1
Fuzzing Project

Fuzzing Project

The Fuzzing Project enhances software security by employing a methodical approach to uncover bugs through random malformed inputs.

Alternatives
2
APIFuzzer

APIFuzzer

APIFuzzer enables users to fuzz test applications effortlessly using Swagger or OpenAPI definitions, eliminating the need for coding.

By: PyPI
Alternatives
3
Mayhem Code Security

Mayhem Code Security

Mayhem Code Security offers a cutting-edge AI-driven platform designed for industries like aerospace and medical.

By: Mayhem From United States
Alternatives
4
afl-unicorn

afl-unicorn

AFL-Unicorn enables users to fuzz binaries that can be emulated by the Unicorn Engine.

By: Battelle From United States
Alternatives
5
ClusterFuzz

ClusterFuzz

ClusterFuzz serves as a robust fuzzing infrastructure designed to uncover security and stability vulnerabilities in software.

By: Google From United States
Alternatives
6
API Fuzzer

API Fuzzer

API Fuzzer empowers users to identify vulnerabilities in their APIs by fuzzing request attributes using established pentesting techniques.

By: Fuzzapi From United States
Alternatives
7
ImmuneBytes

ImmuneBytes

Their skilled penetration testers conduct thorough evaluations to uncover potential exploits...

By: ImmuneBytes From United States
Alternatives
8
Atheris

Atheris

Built on libFuzzer, it excels in identifying vulnerabilities by leveraging Address Sanitizer and Undefined Behavior...

By: Google From United States
Alternatives
9
BlackArch Fuzzer

BlackArch Fuzzer

It incorporates 83 unique packages that generate random inputs to probe software vulnerabilities, helping testers...

By: BlackArch From United States
Alternatives
10
Awesome Fuzzing

Awesome Fuzzing

It features a curated collection of books, courses, tutorials, and tools, including vulnerable applications for...

By: secfigo From United States
Alternatives
11
Defensics Fuzz Testing

Defensics Fuzz Testing

Users can leverage over 300 maintained fuzz testing suites, facilitating targeted testing across various protocols...

By: Black Duck From United States
Alternatives
12
BFuzz

BFuzz

By utilizing HTML input, it opens a new browser instance and runs multiple test cases...

By: RootUp From United States
Alternatives
13
PortSwigger Burp Suite Professional

PortSwigger Burp Suite Professional

It streamlines repetitive tasks with smart automation while offering powerful manual tools, enabling users to...

By: PortSwigger From United Kingdom
Alternatives
14
Google ClusterFuzz

Google ClusterFuzz

Leveraging advanced techniques, it automates bug filing and triage while supporting multiple fuzzing engines...

By: Google From United States
Alternatives
15
LibFuzzer

LibFuzzer

It tracks code coverage via LLVM's SanitizerCoverage, evolving input data to maximize testing efficiency...

By: LLVM Project From United States
Alternatives

Top Wapiti Features

  • Black-box scanning capabilities
  • Supports GET and POST attacks
  • Multipart form support
  • Payload injection in filenames
  • Anomaly detection warnings
  • Differentiates XSS types
  • Generates comprehensive reports
  • HTML
  • XML
  • JSON
  • TXT formats
  • Command-line interface
  • Cross-platform compatibility
  • Cookie fetching utility
  • Easy installation via PIP
  • Extensive manpage documentation
  • Regular updates and support
  • Open-source under GPL.
Top Wapiti Alternatives