DEV Community

Trix Cyrus
Trix Cyrus

Posted on

Automated Website Hacking Tool

Author: Trix Cyrus

Waymap - Web Vulnerability Scanner
Current Version: 1.1.1
Author: Trix Cyrus
Copyright: © 2024 Trixsec Org

What is Waymap?
Waymap is a fast and optimized web vulnerability scanner designed for penetration testers. It effectively identifies vulnerabilities, such as SQL Injection and Command Injection, by testing against a variety of payloads.

Features Overview
v1.0.3 (First Version)
SQL Injection
Command Injection
Web Crawling

v1.0.4

Updated crawler to operate within target domain boundaries and handle URL redirection.
Added auto-update functionality for the scanner (please reclone the repo if using v1.0.4).

v1.0.5

Fixed minor bugs (please reclone the repo if using v1.0.4).

v1.0.6

Enhanced the auto-update feature; no need to reclone the repo after this update. Please reclone if using v1.0.5.

v1.0.7

Fixed minor bugs and added support for scanning multiple URLs using --multi-target {targetfilename}.txt (ensure the file has one URL per line).
Auto-update enabled; no need to reclone unless on version v1.0.5 or older.

v1.0.8

Added concurrency to utilize more CPU threads, speeding up SQL injection scans.
Improved stability.
Added logging functionality.

v1.0.9

minor bug fix

v1.1.0

added a new scan type : Server Side Template Injection: --scan ssti
now you can do all type scan in one command using : --scan all
Added Threading In SSTI(Server Side Template Injection)

v1.1.1
fixed ssti exiting error

--NEW--UPDATES--SOON--

Installation and Usage

Clone the repository:

git clone https://github.com/TrixSec/waymap.git
Enter fullscreen mode Exit fullscreen mode

Install the required dependencies:

pip install .
Enter fullscreen mode Exit fullscreen mode

Run Waymap:

python waymap.py --crawl 1 --scan sql/cmdi/ssti/all --target https://example.com

Enter fullscreen mode Exit fullscreen mode

Check Help

python waymap.py -h
Enter fullscreen mode Exit fullscreen mode

Follow Us on Telegram
Stay updated with the latest tools and hacking resources. Join our Telegram Channel

~Trixsec

Top comments (0)