Home page logo
/

pen-test logo Penetration Testing mailing list archives

Perl Script for Wapiti Web application vulnerability scanner / security auditor
From: security () replica-solutions de
Date: 25 Aug 2006 08:08:27 -0000

Scanner & start.pl Download -> http://www.replica-solutions.de/index.php?ind=downloads&op=entry_view&iden=17

I have coded start.pl to handle the scanner easier...

in future i will code in the perl script all the other commands from the Scanner in -> "it's done when it's done".

Here is the First Simple Version for Basic Handling:

------ code begin ------
#!/usr/bin/perl

use Socket;
print "Wapiti Standart use comfortable Perl Script v1.0\n";
print "by Sourcecode (sourcecode(AT)replica-solutions(DOT)de)\n";
print "HTTP: www.replica-solutions.de\n\n";
print "Hostname Syntax : 192.168.1.1 or http://www.yourhost.com \n";
print "enter the IP or the Hostname from the Page you like to test\n\n Enter Host or IP:\n";
$scan_host = <STDIN>;
chop($scan_host);
print "enter the Url wich you want to exclude \n from this Scan (press return without input if \n you want to scan 
all!\n\n Enter Path or leave Blank:";
$exclude_path = <STDIN>;
chop($exclude_path);
my $Output = system("python wapiti.py $scan_host -x $host $exclude_path -u");
print "$Output";

------ code end ------

for my personal use, i've added hardcoded Proxy Support:

------ code begin ------
#!/usr/bin/perl
$proxy_ip = 127.0.0.1;
$proxy_port = 8118;

use Socket;
print "Wapiti Standart use comfortable Perl Script v1.0\n";
print "by Sourcecode (sourcecode(AT)replica-solutions(DOT)de)\n";
print "HTTP: www.replica-solutions.de\n\n";
print "Hostname Syntax : 192.168.1.1 or http://www.yourhost.com \n";
print "enter the IP or the Hostname from the Page you like to test\n\n Enter Host or IP:\n";
$scan_host = <STDIN>;
chop($scan_host);
print "enter the Url wich you want to exclude \n from this Scan (press return without input if \n you want to scan 
all!\n\n Enter Path or leave Blank:\n";
$exclude_path = <STDIN>;
chop($exclude_path);
my $Output = system("python wapiti.py $scan_host -x $host $exclude_path -u -p $proxy_ip:$proxy_port");
print "$Output";

------code end------

enjoy :)
-- 
yet another Exploit Source : http://www.replica-solutions.de
Warum ich kein Linux benutze: http://tinyurl.com/hjv5h
Nmap in combination with other Linux tools: http://tinyurl.com/pknlw

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • Perl Script for Wapiti Web application vulnerability scanner / security auditor security (Aug 25)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]