![[FCO]FreeCoursesOnline](https://onehack.us/uploads/default/original/3X/b/4/b4d2fc8468becec1e9976784dba394e5a378ec81.jpg){kind=small}
Scan websites for vulnerabilities because if you find vulnerability in your website then you can fix it and prevent your site from hackers or attackers. So if you guy’s interested then let’s get started.
https://raw.githubusercontent.com/m4ll0k/WAScan/master/screen/screen.png
WAScan (Web Application Scan) it is designed to find various vulnerabilities using " Black-Box " method find errors, send payloads, test script injections, etc. and test almost popular web application vulnerabilities on target domain.
Features
Fingerprint
- Content Management System (CMS) → 6
- Web Frameworks → 22
- Cookies/Headers Security
- Languages → 9
- Operating Systems (OS) → 7
- Server → ALL
- Web App Firewall (WAF) → 50+
Attacks
- Bash Commands Injection
- Blind SQL Injection
- Buffer Overflow
- Carriage Return Line Feed
- SQL Injection in Headers
- XSS in Headers
- HTML Injection
- LDAP Injection
- Local File Inclusion
- OS Commanding
- PHP Code Injection
- SQL Injection
- Server Side Injection
- XPath Injection
- Cross Site Scripting
- XML External Entity
Audit
- Apache Status Page
- Open Redirect
- PHPInfo
- Robots.txt
- XST
Bruteforce
- Admin Panel
- Common Backdoor
- Common Backup Dir
- Common Backup File
- Common Dir
- Common File
- Hidden Parameters
Disclosure
- Credit Cards
- Emails
- Private IP
- Errors → ( fatal errors ,…)
- SSN
Now requirements automatically installed in your system. Once it’s show you successful message you can use it with following commands.