Penetration Testing mailing list archives
Perl Script for Wapiti Web application vulnerability scanner / security auditor
From: security () replica-solutions de
Date: 25 Aug 2006 08:08:27 -0000
Scanner & start.pl Download -> http://www.replica-solutions.de/index.php?ind=downloads&op=entry_view&iden=17 I have coded start.pl to handle the scanner easier... in future i will code in the perl script all the other commands from the Scanner in -> "it's done when it's done". Here is the First Simple Version for Basic Handling: ------ code begin ------ #!/usr/bin/perl use Socket; print "Wapiti Standart use comfortable Perl Script v1.0\n"; print "by Sourcecode (sourcecode(AT)replica-solutions(DOT)de)\n"; print "HTTP: www.replica-solutions.de\n\n"; print "Hostname Syntax : 192.168.1.1 or http://www.yourhost.com \n"; print "enter the IP or the Hostname from the Page you like to test\n\n Enter Host or IP:\n"; $scan_host = <STDIN>; chop($scan_host); print "enter the Url wich you want to exclude \n from this Scan (press return without input if \n you want to scan all!\n\n Enter Path or leave Blank:"; $exclude_path = <STDIN>; chop($exclude_path); my $Output = system("python wapiti.py $scan_host -x $host $exclude_path -u"); print "$Output"; ------ code end ------ for my personal use, i've added hardcoded Proxy Support: ------ code begin ------ #!/usr/bin/perl $proxy_ip = 127.0.0.1; $proxy_port = 8118; use Socket; print "Wapiti Standart use comfortable Perl Script v1.0\n"; print "by Sourcecode (sourcecode(AT)replica-solutions(DOT)de)\n"; print "HTTP: www.replica-solutions.de\n\n"; print "Hostname Syntax : 192.168.1.1 or http://www.yourhost.com \n"; print "enter the IP or the Hostname from the Page you like to test\n\n Enter Host or IP:\n"; $scan_host = <STDIN>; chop($scan_host); print "enter the Url wich you want to exclude \n from this Scan (press return without input if \n you want to scan all!\n\n Enter Path or leave Blank:\n"; $exclude_path = <STDIN>; chop($exclude_path); my $Output = system("python wapiti.py $scan_host -x $host $exclude_path -u -p $proxy_ip:$proxy_port"); print "$Output"; ------code end------ enjoy :) -- yet another Exploit Source : http://www.replica-solutions.de Warum ich kein Linux benutze: http://tinyurl.com/hjv5h Nmap in combination with other Linux tools: http://tinyurl.com/pknlw ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------
Current thread:
- Perl Script for Wapiti Web application vulnerability scanner / security auditor security (Aug 25)