# Waymap - Web Vulnerability Scanner.
**Current Version**: 6.2.10
**Author**: Trix Cyrus(Vicky)
**Copyright**: © 2024-25 Trixsec Org
**Maintained**: Yes
## What is Waymap?
**Waymap** is a fast and optimized web vulnerability scanner designed to identify security flaws in web applications. With support for multiple scan types and customizable configurations, it is a versatile tool for ethical hackers, penetration testers, and security enthusiasts. And Is Able To Scan For **75+ Web Vulnerabilities**
## Features Overview
---
### Latest Update
#### v5.9.4
- Removed Old Error Based Sql Method Use the new one by --scan sqli
- Updated The Open Redirect Vuln Testing In Waymap
- Updated The Crawler To v4
- Added 249 High Risk Cves Data In Waymap
- Total Count: 390
#### v6.1.6
- Added New Module In Deepscan Profile : Vulnerable Javascript Library And Files Scanner
- Added WAF/IPS Detector In Waymap Can Detect More Than 160 Types of Waf
- Usage: --check-waf/--waf https://example.com
#### v6.1.7
- XSS payload file missing error fix
- some minor bugs fix
#### v6.1.8
- updated the SQL Injection Exiting logic
- minor bug fixes
#### v6.2.8
- Added Time Based Sqli Scanning Logic
- Added Scan Results Saving Logic
- Added Interactive Prompt Based And Arggument Based Scanning Logic
- Updated The UI
#### v6.2.9
- Bug Fixed
- Optimised
- Reduced Lag
#### v6.2.10
- Multi-threading in SQLi
--- New Big Updates Soon
## 🚀 **Features**
### 1. **Flexible Scanning Options**
- **Target-based scanning:**
Scan single or multiple targets using `--target` or `--multi-target` options
- **Profile-based scanning:**
Supports high-risk, critical-risk and deepscan scan profiles for targeted assessments.
### 2. **Supported Scan Types**
- **SQL Injection (SQLi):**
Detect vulnerabilities related to SQL injection.
- **Command Injection (CMDi):**
Identify potential command execution vulnerabilities.
- **Server-Side Template Injection (SSTI):**
Scan for template injection risks in server-side frameworks.
- **Cross-Site Scripting (XSS):**
Check for reflective XSS vulnerabilities.
- **Local File Inclusion (LFI):**
Locate file inclusion vulnerabilities.
- **Open Redirect:**
Identify redirect-related issues.
- **Carriage Return and Line Feed (CRLF):**
Scan for CRLF injection flaws.
- **Cross-Origin Resource Sharing (CORS):**
Check for misconfigurations in CORS policies.
- **All-in-one scanning:**
Perform all available scans in a single command.
### 3. **Profile-based Scanning**
- **High-Risk Profile:**
- **Critical-Risk Profile:**
- **deepscan Profile:**
Focuses on severe vulnerabilities, such as CVE-based attacks.
### 4. **Crawling Capabilities**
- Crawl target websites with customizable depth (`--crawl`).
- Automatically discover and extract URLs for scanning.
### 5. **Threaded Scanning**
- Speed up scans with multithreading (`--threads`).
### 6. **Automation Features**
- Skip prompts using the `--no-prompt` option.
- Automatically handle missing directories, files, and session data.
### 7. **Update Checker**
- Easily check for the latest updates (`--check-updates`).
---
## 🛠️ **How to Use**
### Basic Commands
1. **Scan a single target:**
```bash
python waymap.py --crawl 3 --target https://example.com --scan {scan_type}
```
2. **Scan multiple targets from a file:**
```bash
python waymap.py --crawl 3 --multi-target targets.txt --scan {scan_type}
```
3. **Directly scan a single Target Without Crawling:**
```bash
python waymap.py --target https://example.com/page?id=1 --scan {scan_type}
2. **Directly Scan multiple targets from a file:**
```bash
python waymap.py --multi-target targets.txt --scan {scan_type}(example url type: https://example.com/page?id=1 )
```
4. **Profile-based scanning:**
```bash
python waymap.py --target https://example.com --profile high-risk/critical-risk/deepscan
```
### Thread Configuration
1. **Use threading for faster scans:**
```bash
python waymap.py --crawl 3 --target https://example.com --scan ssti --threads 10
```
### Update Check
1. **Ensure you have the latest version:**
```bash
python waymap.py --check-updates
```
### Check Help
```bash
python waymap.py -h
```
---
**Repository Views**  (After 05-01-2025)
### Waymap makes web vulnerability scanning efficient and accessible. Start securing your applications today! 🎯
#### Credits
- Thanks SQLMAP For Payloads Xml File
### If you face any issues in Waymap, please submit them here: https://github.com/TrixSec/waymap/issues
#### Also Star The Repo And Fork It
### Follow Us on Telegram
Stay updated with the latest tools and hacking resources. Join our Telegram Channel by clicking the logo below:
[](https://t.me/Trixsec)
### Happy Hacking!
Raw data
{
"_id": null,
"home_page": "https://github.com/TrixSec/waymap",
"name": "waymap",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.6",
"maintainer_email": null,
"keywords": "security, pentesting, vulnerability-scanning, cybersecurity",
"author": "Trix Cyrus",
"author_email": "trixcyrus666@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/60/c9/b7b9cec3efd45a5386ad268031e668f704acd114fe8b6e2f0bb895d284f7/waymap-6.2.10.tar.gz",
"platform": null,
"description": "# Waymap - Web Vulnerability Scanner.\r\n\r\n**Current Version**: 6.2.10 \r\n**Author**: Trix Cyrus(Vicky)\r\n**Copyright**: \u00a9 2024-25 Trixsec Org \r\n**Maintained**: Yes \r\n\r\n\r\n\r\n## What is Waymap?\r\n**Waymap** is a fast and optimized web vulnerability scanner designed to identify security flaws in web applications. With support for multiple scan types and customizable configurations, it is a versatile tool for ethical hackers, penetration testers, and security enthusiasts. And Is Able To Scan For **75+ Web Vulnerabilities**\r\n\r\n## Features Overview\r\n---\r\n\r\n### Latest Update\r\n\r\n#### v5.9.4\r\n- Removed Old Error Based Sql Method Use the new one by --scan sqli\r\n- Updated The Open Redirect Vuln Testing In Waymap\r\n- Updated The Crawler To v4\r\n- Added 249 High Risk Cves Data In Waymap\r\n- Total Count: 390\r\n\r\n#### v6.1.6\r\n- Added New Module In Deepscan Profile : Vulnerable Javascript Library And Files Scanner\r\n- Added WAF/IPS Detector In Waymap Can Detect More Than 160 Types of Waf\r\n- Usage: --check-waf/--waf https://example.com\r\n\r\n#### v6.1.7\r\n- XSS payload file missing error fix\r\n- some minor bugs fix\r\n\r\n#### v6.1.8\r\n- updated the SQL Injection Exiting logic\r\n- minor bug fixes\r\n\r\n#### v6.2.8\r\n- Added Time Based Sqli Scanning Logic\r\n- Added Scan Results Saving Logic\r\n- Added Interactive Prompt Based And Arggument Based Scanning Logic\r\n- Updated The UI\r\n\r\n#### v6.2.9\r\n- Bug Fixed\r\n- Optimised\r\n- Reduced Lag\r\n\r\n#### v6.2.10\r\n- Multi-threading in SQLi\r\n\r\n--- New Big Updates Soon\r\n\r\n## \ud83d\ude80 **Features**\r\n\r\n### 1. **Flexible Scanning Options**\r\n - **Target-based scanning:** \r\n Scan single or multiple targets using `--target` or `--multi-target` options \r\n - **Profile-based scanning:** \r\n Supports high-risk, critical-risk and deepscan scan profiles for targeted assessments.\r\n\r\n### 2. **Supported Scan Types**\r\n - **SQL Injection (SQLi):** \r\n Detect vulnerabilities related to SQL injection.\r\n - **Command Injection (CMDi):** \r\n Identify potential command execution vulnerabilities.\r\n - **Server-Side Template Injection (SSTI):** \r\n Scan for template injection risks in server-side frameworks.\r\n - **Cross-Site Scripting (XSS):** \r\n Check for reflective XSS vulnerabilities.\r\n - **Local File Inclusion (LFI):** \r\n Locate file inclusion vulnerabilities.\r\n - **Open Redirect:** \r\n Identify redirect-related issues.\r\n - **Carriage Return and Line Feed (CRLF):** \r\n Scan for CRLF injection flaws.\r\n - **Cross-Origin Resource Sharing (CORS):** \r\n Check for misconfigurations in CORS policies.\r\n - **All-in-one scanning:** \r\n Perform all available scans in a single command.\r\n\r\n### 3. **Profile-based Scanning**\r\n - **High-Risk Profile:** \r\n - **Critical-Risk Profile:** \r\n - **deepscan Profile:**\r\n Focuses on severe vulnerabilities, such as CVE-based attacks.\r\n\r\n### 4. **Crawling Capabilities**\r\n - Crawl target websites with customizable depth (`--crawl`).\r\n - Automatically discover and extract URLs for scanning.\r\n\r\n### 5. **Threaded Scanning**\r\n - Speed up scans with multithreading (`--threads`).\r\n\r\n### 6. **Automation Features**\r\n - Skip prompts using the `--no-prompt` option.\r\n - Automatically handle missing directories, files, and session data.\r\n\r\n### 7. **Update Checker**\r\n - Easily check for the latest updates (`--check-updates`).\r\n\r\n---\r\n\r\n## \ud83d\udee0\ufe0f **How to Use**\r\n\r\n### Basic Commands\r\n1. **Scan a single target:**\r\n ```bash\r\n python waymap.py --crawl 3 --target https://example.com --scan {scan_type}\r\n ```\r\n2. **Scan multiple targets from a file:**\r\n ```bash\r\n python waymap.py --crawl 3 --multi-target targets.txt --scan {scan_type}\r\n ```\r\n3. **Directly scan a single Target Without Crawling:**\r\n ```bash\r\n python waymap.py --target https://example.com/page?id=1 --scan {scan_type}\r\n\r\n2. **Directly Scan multiple targets from a file:**\r\n ```bash\r\n python waymap.py --multi-target targets.txt --scan {scan_type}(example url type: https://example.com/page?id=1 )\r\n\r\n ```\r\n4. **Profile-based scanning:**\r\n ```bash\r\n python waymap.py --target https://example.com --profile high-risk/critical-risk/deepscan\r\n ```\r\n\r\n### Thread Configuration\r\n1. **Use threading for faster scans:**\r\n ```bash\r\n python waymap.py --crawl 3 --target https://example.com --scan ssti --threads 10\r\n ```\r\n\r\n### Update Check\r\n1. **Ensure you have the latest version:**\r\n ```bash\r\n python waymap.py --check-updates\r\n ```\r\n\r\n### Check Help\r\n```bash\r\npython waymap.py -h\r\n\r\n```\r\n\r\n---\r\n\r\n**Repository Views**  (After 05-01-2025)\r\n### Waymap makes web vulnerability scanning efficient and accessible. Start securing your applications today! \ud83c\udfaf\r\n\r\n\r\n#### Credits\r\n- Thanks SQLMAP For Payloads Xml File\r\n\r\n### If you face any issues in Waymap, please submit them here: https://github.com/TrixSec/waymap/issues\r\n\r\n#### Also Star The Repo And Fork It\r\n\r\n### Follow Us on Telegram\r\nStay updated with the latest tools and hacking resources. Join our Telegram Channel by clicking the logo below:\r\n\r\n[](https://t.me/Trixsec)\r\n\r\n### Happy Hacking!\r\n",
"bugtrack_url": null,
"license": "GPL-3.0",
"summary": "A powerful web security tool for automated scanning.",
"version": "6.2.10",
"project_urls": {
"Bug Tracker": "https://github.com/TrixSec/waymap/issues",
"Homepage": "https://github.com/TrixSec/waymap",
"Source Code": "https://github.com/TrixSec/waymap"
},
"split_keywords": [
"security",
" pentesting",
" vulnerability-scanning",
" cybersecurity"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "07bc7a61b606b991c3c74e1e2cef8779310c15ed2f7347997c8426aed817887d",
"md5": "2c9db6c25b76b84944bb4621afd09b29",
"sha256": "a18f317a768475ab971de4f01fad2d003ffe52741a3cfa89c04e5a6d1e573f58"
},
"downloads": -1,
"filename": "waymap-6.2.10-py3-none-any.whl",
"has_sig": false,
"md5_digest": "2c9db6c25b76b84944bb4621afd09b29",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.6",
"size": 17174,
"upload_time": "2025-10-07T13:33:00",
"upload_time_iso_8601": "2025-10-07T13:33:00.349978Z",
"url": "https://files.pythonhosted.org/packages/07/bc/7a61b606b991c3c74e1e2cef8779310c15ed2f7347997c8426aed817887d/waymap-6.2.10-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "60c9b7b9cec3efd45a5386ad268031e668f704acd114fe8b6e2f0bb895d284f7",
"md5": "068ab0e574d6db8901641087d2739a19",
"sha256": "911c3a9025f4887951cbc9c07062aaa164277fb25da69a88d62ff1285c81a795"
},
"downloads": -1,
"filename": "waymap-6.2.10.tar.gz",
"has_sig": false,
"md5_digest": "068ab0e574d6db8901641087d2739a19",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 1183160,
"upload_time": "2025-10-07T13:33:09",
"upload_time_iso_8601": "2025-10-07T13:33:09.332104Z",
"url": "https://files.pythonhosted.org/packages/60/c9/b7b9cec3efd45a5386ad268031e668f704acd114fe8b6e2f0bb895d284f7/waymap-6.2.10.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-10-07 13:33:09",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "TrixSec",
"github_project": "waymap",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "waymap"
}
JSON
