Waymap - Web Application Vulnerability Scanner Tool

Trix Cyrus

Waymap - Web Vulnerability Scanner

Tool URL: https://github.com/TrixSec/waymap

Current Version: 1.1.1

Author: Trix Cyrus

What is Waymap?

Waymap is a fast and optimized web vulnerability scanner designed for penetration testers. It effectively identifies vulnerabilities, such as SQL Injection and Command Injection, by testing against a variety of payloads.

Features Overview

v1.0.3 (First Version)

SQL Injection

Command Injection

Web Crawling

v1.0.4

Updated crawler to operate within target domain boundaries and handle URL redirection.

Added auto-update functionality for the scanner (please reclone the repo if using v1.0.4).

v1.0.5

Fixed minor bugs (please reclone the repo if using v1.0.4).

v1.0.6

Enhanced the auto-update feature; no need to reclone the repo after this update. Please reclone if using v1.0.5.

v1.0.7

Fixed minor bugs and added support for scanning multiple URLs using --multi-target {targetfilename}.txt (ensure the file has one URL per line).

Auto-update enabled; no need to reclone unless on version v1.0.5 or older.

v1.0.8

Added concurrency to utilize more CPU threads, speeding up SQL injection scans.

Improved stability.

Added logging functionality.

v1.0.9

Minor bug fix.

v1.1.0

Added a new scan type, Server-Side Template Injection: --scan ssti

All scan types can now be run in one command using: --scan all

Added threading to SSTI (Server-Side Template Injection) scans.

v1.1.1

Fixed the SSTI exiting error.

--NEW--UPDATES--SOON--

Installation and Usage

Clone the repository:

git clone https://github.com/TrixSec/waymap.git

Install the required dependencies:

pip install .

Run Waymap (choose one of sql, cmdi, ssti or all for --scan):

python waymap.py --crawl 1 --scan sql/cmdi/ssti/all --target https://example.com

Check the help:

python waymap.py -h
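An added example, not part of Waymap or the original post: a pre-flight check for the file passed to --multi-target that enforces the one-URL-per-line format and keeps only hosts inside an authorized scope, the same kind of domain boundary the crawler is described as respecting. The function names, the sample lines and the example.com scope are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

def in_scope(host, scope_domains):
    """True if host is a scope domain or a subdomain of one (label-aligned)."""
    host = host.lower().rstrip(".")
    # A bare endswith(d) would also accept "notexample.com" for "example.com".
    return any(host == d or host.endswith("." + d) for d in scope_domains)

def load_targets(lines, scope_domains):
    """Return (accepted_urls, rejected) for the lines of a target file.

    rejected holds (line_number, text, reason); blanks and repeats are dropped.
    """
    scope = [d.lower().rstrip(".") for d in scope_domains]
    accepted, rejected, seen = [], [], set()
    for n, raw in enumerate(lines, 1):
        line = raw.strip()
        if not line or line in seen:
            continue
        seen.add(line)
        if len(line.split()) != 1:
            rejected.append((n, line, "more than one entry on the line"))
            continue
        try:
            parts = urlsplit(line)
        except ValueError:  # e.g. malformed IPv6 literal
            parts = None
        if parts is None or parts.scheme not in ("http", "https") or not parts.hostname:
            rejected.append((n, line, "not an absolute http(s) URL"))
        elif not in_scope(parts.hostname, scope):
            # hostname is what follows any "user@" part, so userinfo tricks fail here.
            rejected.append((n, line, "host outside authorized scope"))
        else:
            accepted.append(line)
    return accepted, rejected

# Constructed sample file contents; example.com stands in for the authorized scope.
SAMPLE = [
    "https://example.com/index.php?id=1",
    "https://shop.example.com/item?id=2",
    "https://notexample.com/?q=1",
    "https://example.com@evil.test/",
    "example.com/page?id=3",
    "https://example.com/a https://example.com/b",
    "",
    "https://example.com/index.php?id=1",
]

if __name__ == "__main__":
    ok, bad = load_targets(SAMPLE, ["example.com"])
    print("\n".join(ok))
    for n, text, reason in bad:
        print(f"line {n}: {reason}: {text}")
```

Write the accepted list to the .txt file given to --multi-target and review the rejected lines by hand before scanning.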
