A powerful web security tool for automated scanning.
Project description
Waymap - Web Vulnerability Scanner.
Current Version: 6.2.10
Author: Trix Cyrus(Vicky)
Copyright: © 2024-25 Trixsec Org
Maintained: Yes
What is Waymap?
Waymap is a fast and optimized web vulnerability scanner designed to identify security flaws in web applications. With support for multiple scan types and customizable configurations, it is a versatile tool for ethical hackers, penetration testers, and security enthusiasts. And Is Able To Scan For 75+ Web Vulnerabilities
Features Overview
Latest Update
v5.9.4
- Removed Old Error Based Sql Method Use the new one by --scan sqli
- Updated The Open Redirect Vuln Testing In Waymap
- Updated The Crawler To v4
- Added 249 High Risk Cves Data In Waymap
- Total Count: 390
v6.1.6
- Added New Module In Deepscan Profile : Vulnerable Javascript Library And Files Scanner
- Added WAF/IPS Detector In Waymap Can Detect More Than 160 Types of Waf
- Usage: --check-waf/--waf https://example.com
v6.1.7
- XSS payload file missing error fix
- some minor bugs fix
v6.1.8
- updated the SQL Injection Exiting logic
- minor bug fixes
v6.2.8
- Added Time Based Sqli Scanning Logic
- Added Scan Results Saving Logic
- Added Interactive Prompt Based And Arggument Based Scanning Logic
- Updated The UI
v6.2.9
- Bug Fixed
- Optimised
- Reduced Lag
v6.2.10
- Multi-threading in SQLi
--- New Big Updates Soon
🚀 Features
1. Flexible Scanning Options
- Target-based scanning:
Scan single or multiple targets using
--targetor--multi-targetoptions - Profile-based scanning: Supports high-risk, critical-risk and deepscan scan profiles for targeted assessments.
2. Supported Scan Types
- SQL Injection (SQLi):
Detect vulnerabilities related to SQL injection. - Command Injection (CMDi):
Identify potential command execution vulnerabilities. - Server-Side Template Injection (SSTI):
Scan for template injection risks in server-side frameworks. - Cross-Site Scripting (XSS):
Check for reflective XSS vulnerabilities. - Local File Inclusion (LFI):
Locate file inclusion vulnerabilities. - Open Redirect:
Identify redirect-related issues. - Carriage Return and Line Feed (CRLF):
Scan for CRLF injection flaws. - Cross-Origin Resource Sharing (CORS):
Check for misconfigurations in CORS policies. - All-in-one scanning:
Perform all available scans in a single command.
3. Profile-based Scanning
- High-Risk Profile:
- Critical-Risk Profile:
- deepscan Profile: Focuses on severe vulnerabilities, such as CVE-based attacks.
4. Crawling Capabilities
- Crawl target websites with customizable depth (
--crawl). - Automatically discover and extract URLs for scanning.
5. Threaded Scanning
- Speed up scans with multithreading (
--threads).
6. Automation Features
- Skip prompts using the
--no-promptoption. - Automatically handle missing directories, files, and session data.
7. Update Checker
- Easily check for the latest updates (
--check-updates).
🛠️ How to Use
Basic Commands
- Scan a single target:
python waymap.py --crawl 3 --target https://example.com --scan {scan_type}
- Scan multiple targets from a file:
python waymap.py --crawl 3 --multi-target targets.txt --scan {scan_type}
- Directly scan a single Target Without Crawling:
python waymap.py --target https://example.com/page?id=1 --scan {scan_type}
- Directly Scan multiple targets from a file:
python waymap.py --multi-target targets.txt --scan {scan_type}(example url type: https://example.com/page?id=1 )
- Profile-based scanning:
python waymap.py --target https://example.com --profile high-risk/critical-risk/deepscan
Thread Configuration
- Use threading for faster scans:
python waymap.py --crawl 3 --target https://example.com --scan ssti --threads 10
Update Check
- Ensure you have the latest version:
python waymap.py --check-updates
Check Help
python waymap.py -h
Repository Views 
Waymap makes web vulnerability scanning efficient and accessible. Start securing your applications today! 🎯
Credits
- Thanks SQLMAP For Payloads Xml File
If you face any issues in Waymap, please submit them here: https://github.com/TrixSec/waymap/issues
Also Star The Repo And Fork It
Follow Us on Telegram
Stay updated with the latest tools and hacking resources. Join our Telegram Channel by clicking the logo below:
Happy Hacking!
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
waymap-6.2.11.tar.gz
(1.2 MB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
waymap-6.2.11-py3-none-any.whl
(246.2 kB
view details)
File details
Details for the file waymap-6.2.11.tar.gz.
File metadata
- Download URL: waymap-6.2.11.tar.gz
- Upload date:
- Size: 1.2 MB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
de7034d075e3b8df6bc8f6c0951b42f8f4f47e5ba7f523d0cb6db6c30edb434c
|
|
| MD5 |
3bbd739756c3ea9c4a9854b6e3f1079f
|
|
| BLAKE2b-256 |
6d524898f641715165c85a734a8275321258479c0934b2fc091cc0be67b695f2
|
File details
Details for the file waymap-6.2.11-py3-none-any.whl.
File metadata
- Download URL: waymap-6.2.11-py3-none-any.whl
- Upload date:
- Size: 246.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
edd20f8f69105ec3a1a5ff4e40935df7fb2a519a3d314f941d5ce6655c47169a
|
|
| MD5 |
fec00646101e66fe438607838314b06b
|
|
| BLAKE2b-256 |
a26144551b05b8294fe8779f9bc5ec9e66c95bb1e436e5d4a1ac31b3fb6b772d
|
