Skip to content

Module‐Specific Options

Jump to bottom
devloop edited this page Oct 23, 2024 · 1 revision

Wapiti provides the flexibility to target specific web platforms or content management systems (CMS) with custom attack strategies. Below is the current option available to customize the scan for particular CMS platforms.

CMS Detection

  • --cms CMS_LIST
    This option allows you to specify which Content Management Systems (CMS) you want Wapiti to focus on during the scan. By targeting specific CMS platforms, Wapiti can use tailored attack techniques and payloads, improving the effectiveness of the scan.

    Possible choices include:

    • drupal
    • joomla
    • prestashop
    • spip
    • wp (WordPress)

    Example usage:
    If you want to scan a target website that uses WordPress and Joomla, you can specify the platforms as follows:

    wapiti -u "http://target.com" --cms wp,joomla -m cms

    This will limit the attack surface to vulnerabilities specific to WordPress and Joomla.

    The --cms option only apply to the cms module (which must be specified with the -m option).

Home

Basic Usage

Output and Reporting

Authentication and Session Management

Crawler and Request Options

API and Endpoints

Miscellaneous

Clone this wiki locally