Forem

Trix Cyrus
Trix Cyrus

Posted on

7 3 3 3 3

Automated Website Hacking Tool

Author: Trix Cyrus

Waymap - Web Vulnerability Scanner
Current Version: 1.1.1
Author: Trix Cyrus
Copyright: © 2024 Trixsec Org

What is Waymap?
Waymap is a fast and optimized web vulnerability scanner designed for penetration testers. It effectively identifies vulnerabilities, such as SQL Injection and Command Injection, by testing against a variety of payloads.

Features Overview
v1.0.3 (First Version)
SQL Injection
Command Injection
Web Crawling

v1.0.4

Updated crawler to operate within target domain boundaries and handle URL redirection.
Added auto-update functionality for the scanner (please reclone the repo if using v1.0.4).

v1.0.5

Fixed minor bugs (please reclone the repo if using v1.0.4).

v1.0.6

Enhanced the auto-update feature; no need to reclone the repo after this update. Please reclone if using v1.0.5.

v1.0.7

Fixed minor bugs and added support for scanning multiple URLs using --multi-target {targetfilename}.txt (ensure the file has one URL per line).
Auto-update enabled; no need to reclone unless on version v1.0.5 or older.

v1.0.8

Added concurrency to utilize more CPU threads, speeding up SQL injection scans.
Improved stability.
Added logging functionality.

v1.0.9

minor bug fix

v1.1.0

added a new scan type : Server Side Template Injection: --scan ssti
now you can do all type scan in one command using : --scan all
Added Threading In SSTI(Server Side Template Injection)

v1.1.1
fixed ssti exiting error

--NEW--UPDATES--SOON--

Installation and Usage

Clone the repository:

git clone https://github.com/TrixSec/waymap.git
Enter fullscreen mode Exit fullscreen mode

Install the required dependencies:

pip install .
Enter fullscreen mode Exit fullscreen mode

Run Waymap:

python waymap.py --crawl 1 --scan sql/cmdi/ssti/all --target https://example.com

Enter fullscreen mode Exit fullscreen mode

Check Help

python waymap.py -h
Enter fullscreen mode Exit fullscreen mode

Follow Us on Telegram
Stay updated with the latest tools and hacking resources. Join our Telegram Channel

~Trixsec

Image of Timescale

🚀 pgai Vectorizer: SQLAlchemy and LiteLLM Make Vector Search Simple

We built pgai Vectorizer to simplify embedding management for AI applications—without needing a separate database or complex infrastructure. Since launch, developers have created over 3,000 vectorizers on Timescale Cloud, with many more self-hosted.

Read more →

Top comments (0)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay