WAScan - Web Application Scanner
Note: building of a new version is underway...
WAScan ((W)eb (A)pplication (Scan)ner) is an open source web application security scanner. It is designed to find various vulnerabilities using the "black-box" method: it does not study the source code of web applications but works like a fuzzer, scanning the pages of the deployed web application, extracting links and forms, attacking the scripts, sending payloads and looking for error messages, etc. WAScan is built on Python 2.7 and can run on any platform that has a Python environment.
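The link and form extraction step of the black-box approach described above, as an added example (not WAScan's own code; it uses the Python 3 standard library rather than Python 2.7 with BeautifulSoup). It inventories the same-host URLs, query parameters and form fields a scanner would discover in a page, which is the input surface to review and harden. The sample HTML, the `app.example` host and the names `SurfaceParser` and `inventory` are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit, parse_qsl

# Constructed sample page for the demo (not taken from a real site).
SAMPLE_HTML = """
<a href="/index.php?id=1&amp;cat=2">item</a>
<a href="about.html">about</a>
<a href="https://other.example/x?y=1">external</a>
<form action="test.php" method="post">
  <input type="text" name="id" value="1">
  <input type="hidden" name="token" value="abc">
  <textarea name="comment"></textarea>
  <input type="submit" value="go">
</form>
"""

class SurfaceParser(HTMLParser):
    """Collects same-host links (with query parameter names) and form fields."""
    def __init__(self, base_url):
        super().__init__()
        self.base, self.host = base_url, urlsplit(base_url).netloc
        # links: url -> parameter names; forms: list of dicts; _form: open form
        self.links, self.forms, self._form = {}, [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            url = urljoin(self.base, a["href"])      # resolve relative links
            parts = urlsplit(url)
            if parts.netloc == self.host:            # stay in scope: same host only
                names = (k for k, _ in parse_qsl(parts.query, keep_blank_values=True))
                self.links[url] = sorted(names)
        elif tag == "form":
            self._form = {"action": urljoin(self.base, a.get("action") or ""),
                          "method": (a.get("method") or "get").upper(), "fields": []}
            self.forms.append(self._form)
        elif tag in ("input", "textarea", "select") and self._form is not None and a.get("name"):
            self._form["fields"].append(a["name"])   # unnamed controls are never submitted

    def handle_endtag(self, tag):
        if tag == "form":
            self._form = None

def inventory(html, base_url):
    """Return (links, forms) found in one HTML page fetched from base_url."""
    parser = SurfaceParser(base_url)
    parser.feed(html)
    return parser.links, parser.forms

if __name__ == "__main__":
    print(inventory(SAMPLE_HTML, "http://app.example/"))
```

Every parameter and field name in the result is input that reaches server-side code, so each one needs validation and output encoding on the application side.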
Fingerprint
Attacks
Audit
Bruteforce
Disclosure
$ git clone https://github.com/m4ll0k/WAScan.git wascan
$ cd wascan
$ pip install BeautifulSoup
$ python wascan.py
Fingerprint:
$ python wascan.py --url http://xxxxx.com/ --scan 0
Attacks:
$ python wascan.py --url http://xxxxx.com/index.php?id=1 --scan 1
Audit:
$ python wascan.py --url http://xxxxx.com/ --scan 2
Bruteforce:
$ python wascan.py --url http://xxxxx.com/ --scan 3
Disclosure:
$ python wascan.py --url http://xxxxx.com/ --scan 4
Full Scan:
$ python wascan.py --url http://xxxxx.com --scan 5
Bruteforce Hidden Parameters:
$ python wascan.py --url http://xxxxx.com/test.php --brute
$ python wascan.py --url http://xxxxx.com/test.php --scan 5 --auth "admin:1234"
$ python wascan.py --url http://xxxxx.com/test.php --scan 5 --data "id=1" --method POST
$ python wascan.py --url http://xxxxx.com/test.php --scan 5 --auth "admin:1234" --proxy xxx.xxx.xxx.xxx
$ python wascan.py --url http://xxxxx.com/test.php --scan 5 --auth "admin:1234" --proxy xxx.xxx.xxx.xxx --proxy-auth "root:4321"
$ python wascan.py --url http://xxxxx.com/test.php --scan 5 --auth "admin:1234" --proxy xxx.xxx.xxx.xxx --proxy-auth "root:4321" --ragent -v