Author: Trix Cyrus
[🔹 Try My] Waymap Pentesting Tool
[🔹 Follow] TrixSec GitHub
[🔹 Join] TrixSec Telegram
When I started building Waymap, the goal was simple.
Create a fast, practical, open source web vulnerability scanner that developers and security researchers could actually use.
Over the past few months, I realized that adding more payloads wasn't enough. The architecture itself needed to evolve.
That led to Waymap v8.0.0.
AI Should Assist, Not Replace
One of the biggest misconceptions around AI in cybersecurity is that it should replace scanners.
I don't believe that.
The scanner should remain responsible for deterministic verification.
AI should help with reasoning.
In Waymap, AI is used for:
Context-aware payload generation
Attack surface discovery
False positive reduction
Result analysis
Vulnerability chain analysis
AI enhanced reporting
The scanner still decides whether a vulnerability exists.
AI simply helps explain and prioritize the results.
SQL Injection Improvements
SQL Injection also received one of its biggest upgrades.
Waymap now supports:
Boolean Based
Error Based
Time Based
Union Based
Inline Query
Stacked Queries
along with database enumeration support.
This significantly expands the testing capabilities compared to previous versions.
A Better Foundation
Besides adding features, a lot of work went into improving the internals.
Version 8 introduces:
Event-driven architecture
Better reconnaissance
Request fingerprinting
Improved HTTP layer
Smarter crawler
Better reliability
These aren't flashy features, but they'll make future development much easier and improve scan performance.
What's Next?
v8.0.0 is a foundation release.
Now that the architecture is in place, I can focus on improving detection logic, expanding vulnerability coverage, and continuing to experiment with AI-assisted offensive security workflows.
If you'd like to try it out or contribute, I'd love to hear your feedback.
GitHub:
https://github.com/TrixSec/waymap
A star would be appreciated
~TrixSec
Top comments (0)