Tools

Wapiti – The Black Box Vulnerability Scanner for Web Applications

Wapiti is an open source tool that scans web applications for multiple vulnerabilities including data base injections, file disclosures,  cross site scripting, command execution attacks,  XXE injection, and CRLF injection. The database injection includes SQL, XPath, PHP, ASP, and JSP injections. Command execution attacks include eval(), system(), and passtru() vulnerabilities. Besides identifying the aforesaid vulnerabilities, […]

Tools

Sitadel – An Open Source Tool for Finding Web Application Vulnerabilities

Sitadel is a python based web application scanner. It’s flexible and has many different scanning options. It can get a full fingerprint of a server and bruteforce directories, admin pages, files etc. Also, it can search for injection type attacks (slq, html, xss, rfi, ldap and more), other information disclosures and popular vulnerabilities. Installing Sitadel […]