[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
/ waymap Public

Waymap is a fast and optimized web vulnerability scanner built for penetration testers. It helps in identifying vulnerabilities by testing against various payloads.

License

GPL-3.0 license
39 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

TrixSec/waymap

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

211 Commits
data
data
Β 
Β 
doc
doc
Β 
Β 
extras
extras
Β 
Β 
lib
lib
Β 
Β 
session
session
Β 
Β 
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 
VERSION
VERSION
Β 
Β 
requirements.txt
requirements.txt
Β 
Β 
waymap.py
waymap.py
Β 
Β 

Repository files navigation

Waymap - Web Vulnerability Scanner.

Current Version: 5.7.2 Author: Trix Cyrus
Copyright: Β© 2024 Trixsec Org
Maintained: Yes

What is Waymap?

Waymap is a fast and optimized web vulnerability scanner designed to identify security flaws in web applications. With support for multiple scan types and customizable configurations, it is a versatile tool for ethical hackers, penetration testers, and security enthusiasts. And Is Able To Scan For 75+ Web Vulnerabilities

Features Overview

Latest Update

v5.5.1

  • Added 45 CVEs Vulnerability Detections Logics
  • 11 Critical-Risk CVEs And 34 High-Risk CVEs
  • For CVEs Info Read The CVEVULN.md File

v5.6.1

  • Added New 19 CVEs Vulnerability Detections Logics
  • 8 Critical-Risk CVEs And 11 High-Risk CVEs
  • For CVEs Info Read The CVEVULN.md File

v5.7.1

  • Removed arg --random-agent, now waymap will by default use different headers for every requests
  • Added IP Spoofing for more anonymity
  • Updated Wp Plugin Checking Logic In Both High Profile And Critical Profile
  • some minor bug fix

v5.7.2

  • Added New Logic To Update Waymap

πŸš€ Features

1. Flexible Scanning Options

  • Target-based scanning: Scan single or multiple targets using --target or --multi-target options (Requires Crawling).
  • Direct URL scanning: Use --url or --multi-url to scan specific URLs without crawling.
  • Profile-based scanning: Supports high-risk and critical-risk scan profiles for targeted assessments.

2. Supported Scan Types

  • SQL Injection (SQLi):
    Detect vulnerabilities related to SQL injection.
  • Command Injection (CMDi):
    Identify potential command execution vulnerabilities.
  • Server-Side Template Injection (SSTI):
    Scan for template injection risks in server-side frameworks.
  • Cross-Site Scripting (XSS):
    Check for reflective XSS vulnerabilities.
  • Local File Inclusion (LFI):
    Locate file inclusion vulnerabilities.
  • Open Redirect:
    Identify redirect-related issues.
  • Carriage Return and Line Feed (CRLF):
    Scan for CRLF injection flaws.
  • Cross-Origin Resource Sharing (CORS):
    Check for misconfigurations in CORS policies.
  • All-in-one scanning:
    Perform all available scans in a single command.

3. Profile-based Scanning

  • High-Risk Profile:
  • Critical-Risk Profile:
    Focuses on severe vulnerabilities, such as CVE-based attacks.

4. Crawling Capabilities

  • Crawl target websites with customizable depth (--crawl).
  • Automatically discover and extract URLs for scanning.

5. Threaded Scanning

  • Speed up scans with multithreading (--threads).

6. User-Agent Randomization

  • Randomize requests using different user agents (--random-agent).

7. Automation Features

  • Skip prompts using the --no-prompt option.
  • Automatically handle missing directories, files, and session data.

8. Update Checker

  • Easily check for the latest updates (--check-updates).

πŸ› οΈ How to Use

Basic Commands

  1. Scan a single target: 
    python waymap.py --crawl 3 --target https://example.com --scan {scan_type}
  2. Scan multiple targets from a file: 
    python waymap.py --crawl 3 --multi-target targets.txt --scan {scan_type}
  3. Directly scan a single URL: 
    python waymap.py --url https://example.com/page?id=1 --scan {scan_type}
  4. Profile-based scanning: 
    python waymap.py --profileurl https://example.com --profile high-risk/critical-risk

Thread Configuration

  1. Use threading for faster scans: 
    python waymap.py --crawl 3 --target https://example.com --scan ssti --threads 10

Update Check

  1. Ensure you have the latest version: 
    python waymap.py --check-updates

Check Help

python waymap.py -h

Waymap makes web vulnerability scanning efficient and accessible. Start securing your applications today! 🎯

Credits

  • Thanks SQLMAP For Payloads Xml File

IF There's Any Issue In Waymay Then Submit The Issues Here: https://github.com/TrixSec/waymap/issues

Also Star The Repo And Fork It

Follow Us on Telegram

Stay updated with the latest tools and hacking resources. Join our Telegram Channel by clicking the logo below:

Telegram

Happy Hacking!

About

Waymap is a fast and optimized web vulnerability scanner built for penetration testers. It helps in identifying vulnerabilities by testing against various payloads.

Topics

python scanner hacking command-line-tool sqlmap exploitation-framework xss-exploitation xss-detection sql-scanner sqlinjection command-injection lfi-exploitation ssti website-hacking open-redirect-detection sqli-scanner command-injection-scanner waymap trixsec website-hacking-tool

Resources

Readme

License

GPL-3.0 license
Activity

Stars

39 stars

Watchers

3 watching

Forks

3 forks
Report repository

Releases 9

v5.6.1 Latest
Dec 1, 2024
+ 8 releases

Packages

No packages published

Contributors 3

Languages