How to Install and Uninstall wapiti Package on Ubuntu 20.10 (Groovy Gorilla)

Last updated: November 07,2024

1. Install "wapiti" package

This guide covers the steps necessary to install wapiti on Ubuntu 20.10 (Groovy Gorilla)

$ sudo apt update $ sudo apt install wapiti

2. Uninstall "wapiti" package

Here is a brief guide to show you how to uninstall wapiti on Ubuntu 20.10 (Groovy Gorilla):

$ sudo apt remove wapiti $ sudo apt autoclean && sudo apt autoremove

3. Information about the wapiti package on Ubuntu 20.10 (Groovy Gorilla)

Package: wapiti
Architecture: all
Version: 3.0.3+dfsg-2
Priority: optional
Section: universe/python
Origin: Ubuntu
Maintainer: Ubuntu Developers
Original-Maintainer: Debian Security Tools
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 1602
Depends: libjs-jquery, python3-bs4, python3-mako, python3-requests, python3-socks, python3-tld, python3-yaswfp, python3:any
Filename: pool/universe/w/wapiti/wapiti_3.0.3+dfsg-2_all.deb
Size: 318600
MD5sum: 4fe3964c65265e74551df7557fcf51c7
SHA1: 8a117f80c43261c87b0445c6858cfbef4e9e6058
SHA256: 20f87e548989b45ed276882dad28283cb866a91b372633d5875a2b2ef9606cea
SHA512: 702386af7c547d5c4ca017b6f39bb48afd49eafff80d55e4684c6f9f22dfb2ee745ce8739c509f3f13f2b5aeffe16a36093d1cb69788f6a90ffa2c64ab8a4994
Homepage: http://wapiti.sourceforge.net/
Description-en: web application vulnerability scanner
Wapiti allows you to audit the security of your web applications.
It performs "black-box" scans, i.e. it does not study the source code of the
application but will scan the web pages of the deployed web applications,
looking for scripts and forms where it can inject data.
Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see
if a script is vulnerable.
.
Wapiti can detect the following vulnerabilities:
- Database Injection (PHP/ASP/JSP SQL Injections and XPath Injections)
- Cross Site Scripting (XSS) reflected and permanent
- File disclosure detection (local and remote include, require, fopen,
readfile...)
- Command Execution detection (eval(), system(), passtru()...)
- XXE (Xml eXternal Entity) injection
- CRLF Injection
- Search for potentially dangerous files on the server (thank to the Nikto db)
- Bypass of weak htaccess configurations
- Search for copies (backup) of scripts on the server
- Shellshock
- DirBuster like
- Server Side Request Forgery (through use of an external Wapiti website)
Description-md5: b13c5cbe215f396866461fbe6e26610d