Automated Audit using WAPITI

Last revision (mm/dd/yy): 02/19/2012 This type of article aims to provide to development team a easy/quick way to perform automated audit tests against their web application projects over implementation phase.

Description
This page have to objective to show a WAPITI sample command line to automate audit of a web application.

WAPITI is a free and open source tools to audit the security of your web applications (WAPITI homepage).

This command line do not replace a manual audit but can be useful to perform a first validation.

Command line
python wapiti.py http://mysite.com -n 10 -b folder -u -v 1 -f html -o /tmp/scan_report

Options used:
 * -n: Define a limit of urls to read with the same pattern (prevent endless loops), here limit to 10.
 * -b: Set the scope of the scan, here we analyse all the links to the pages which are in the same domain as the URL passed.
 * -u: Use color to highlight vulnerables parameters in output.
 * -v: Define verbosity level, here we print each url.
 * -f: Define report type, here we choose HTML format.
 * -o: Define report destination, in our case it must be a directory because we choose HTML format.

Attack modules used by WAPITI:
 * backup: This module search backup of scripts on the server.
 * blindsql: Time-based blind sql scanner.
 * crlf: Search for CR/LF injection in HTTP headers.
 * exec: Module used to detect command execution vulnerabilities.
 * file: Search for include/fread and other file handling vulns.
 * htaccess: Try to bypass weak htaccess configurations.
 * nikto: Use a Nikto database to search for potentially dangerous files.
 * permanentxss: Look for permanent XSS.
 * sql: Standard error-based SQL injection scanner.
 * xss: Module for XSS detection.

Report
A sample HTML report is available here.