WAppEx is an integrated platform for
performing penetration testing and exploiting of web applications on
Windows or Linux. It can automatically check for all type of security
vulnerabilities in the given target and then let you to run various
payloads to exploit and take advantages of the vulnerability.
and it is executable in Linux and Windows.
hundreds of exploits provides an automated, comprehensive and
reliable exploit for penetration testers and security professionals
Top priorities are high-risk and zero-day vulnerabilities.
reliable payloads which contains connect-back, listener shell,
arbitrary code execution, arbitrary file upload,…
experienced users write their own scripts and payloads to test and
exploit any vulnerability in web applications.
available at any time and a daily support is available via phone or
applications. WAppEx uses Havij – Advanced SQL Injection Tool engine
to find and exploit this vulnerability.
remote file. WAppEx can check for this vulnerability and run various
payloads to execute commands on web server.
local file. Just like RFI WAppEx tests and exploits this
commands on server. WAppEx tests and exploits this vulnerability to
execute custom commands to get a reverse shell.
introduce (or “inject”) script into a web application.
WAppEx automatically tests and exploit this vulnerability to escalate
access to web server and get a reverse shell.
of local files on the web server. WAppEx can exploit this
vulnerability to read sensitive files on the server.