Finding vulnerabilities with Wapiti
Wapiti is another terminal-based Web vulnerability scanner, which sends GET and POST requests to target sites looking for the following vulnerabilities (http://wapiti.sourceforge.net/):
File disclosure
Database injection
XSS (cross-site scripting)
Command execution detection
CRLF injection
XXE (XML eXternal Entity) injection
Use of known potentially dangerous files
Weak .htaccess configurations that can be bypassed
Presence of backup files that give sensitive information (source code disclosure)
In this recipe, we will use Wapiti to discover vulnerabilities in one of our test applications and generate a report of the scan.
How to do it...
We can call Wapiti from a terminal window, as shown:
wapiti http://192.168.56.102/peruggia/ -o wapiti_result -f html -m "-blindsql"
We will scan the Peruggia application in our vulnerable_vm, save the output in HTML format (-f html) inside the wapiti_result directory (-o wapiti_result), and skip the blind SQL injection tests (-m "-blindsql").
If we open the report's directory...