Waymap - Web Vulnerability Scanner
Current Version: 2.4.1
Author: Trix Cyrus
Contributions: Yash (0day-Yash) & Jennin (@JeninSutradhar)
Copyright: © 2024 Trixsec Org
Maintained: Yes
Waymap is a fast and optimized And Automated web vulnerability scanner designed for penetration testers. It effectively identifies vulnerabilities by testing against a variety of payloads.
Check out this video to see Waymap in action:
- SQL Injection
- Command Injection
- Web Crawling
- Updated crawler to operate within target domain boundaries and handle URL redirection.
- Added auto-update functionality for the scanner (please reclone the repo if using v1.0.4).
- Fixed minor bugs (please reclone the repo if using v1.0.4).
- Enhanced the auto-update feature; no need to reclone the repo after this update. Please reclone if using v1.0.5.
- Fixed minor bugs and added support for scanning multiple URLs using
--multi-target {targetfilename}.txt
(ensure the file has one URL per line). - Auto-update enabled; no need to reclone unless on version v1.0.5 or older.
- Added concurrency to utilize more CPU threads, speeding up SQL injection scans.
- Improved stability.
- Added logging functionality.
- added a new scan type : Server Side Template Injection: --scan ssti
- now you can do all type scan in one command using : --scan all
- Added Threading In SSTI(Server Side Template Injection)
- added new scanning module: xss(cross site scripting) --scan xss
- added xss filters bypass payload testing
- added threading in xss testing
- added new scanning module: LFI(Local File Inclusion) --scan lfi
- added threading in lfi testing
- added new scanning module: --scan open-redirect (check for open redirection vulnerability)
- added custom threads count in open redirect testing
- fixed minor bugs
- added new scanning module: --scan crlf(Carriage Return and Line Feed)
- added custom threading count in crlf
- added a more advanced crawler to waymap can crawl at any depth
- added custom threading in crawling
- added new user-agents in ua.txt
- fixed major bugs/errors
--NEW--UPDATES--SOON--
git clone https://github.com/TrixSec/waymap.git
Install the required dependencies:
pip install .
python waymap.py --crawl 1 --scan sql/cmdi/ssti/xss/lfi/open-redirect/all --target/--multi-target https://example.com/{filename}.txt
python waymap.py -h
Stay updated with the latest tools and hacking resources. Join our Telegram Channel by clicking the logo below: