Web Application Vulnerability Scanners are automated tools that scan web applications, normally from the outside, to look for security vulnerabilities such as Cross-site scripting, SQL Injection, Command Injection, Path Traversal and insecure server configuration.
Installation
- git clone https://github.com/zigoo0/webpwn3r.git
- cd webpwn3
- sudo chmod +x *
Demo

How to use
- ./scan.py
- The tool will ask you if you want to scan URL or List of urls?
- Enter number 1 to scan a URL
- Enter number 2 to scan list of URL's
Features
- Scan a URL or List of URL’s
- Detect and Exploit Remote Code Injection Vulnerabilities.
- Remote Command Execution Vulnerabilities.
- SQL Injection Vulnerabilities.
- Typical XSS Vulnerabilities.
- Detect WebKnight WAF.
- Improved Payloads to bypass Security Filters/WAF’s.
- Finger-Print the backend Technologies.
Reference
https://github.com/zigoo0/webpwn3r