From 3cffce75960009eab474968d38f8038ab0fa5b4f Mon Sep 17 00:00:00 2001 From: rafan Date: Thu, 4 Oct 2007 13:21:39 +0000 Subject: Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable. WWW: http://wapiti.sourceforge.net/ PR: ports/116873 Submitted by: Philippe Audeoud --- security/wapiti/Makefile | 36 ++++++++++++++++++++++++++++++++++++ security/wapiti/distinfo | 3 +++ security/wapiti/pkg-descr | 8 ++++++++ 3 files changed, 47 insertions(+) create mode 100644 security/wapiti/Makefile create mode 100644 security/wapiti/distinfo create mode 100644 security/wapiti/pkg-descr (limited to 'security/wapiti') diff --git a/security/wapiti/Makefile b/security/wapiti/Makefile new file mode 100644 index 000000000000..ecc5d12f0f70 --- /dev/null +++ b/security/wapiti/Makefile @@ -0,0 +1,36 @@ +# New ports collection makefile for: wapiti +# Date created: 3 October 2007 +# Whom: Philippe Audeoud +# $FreeBSD$ + +PORTNAME= wapiti +PORTVERSION= 1.1.6 +CATEGORIES= security +MASTER_SITES= ${MASTER_SITE_SOURCEFORGE_EXTENDED} +MASTER_SITE_SUBDIR= wapiti + +MAINTAINER= jadawin@tuxaco.net +COMMENT= Wapiti is a vulnerability scanner for web applications + +RUN_DEPENDS= ${PYTHON_SITELIBDIR}/tidy:${PORTSDIR}/www/py-utidy + +USE_PYTHON= 2.3+ +NO_BUILD= yes +PORTDOCS= README + +PLIST_FILES= bin/wapiti.py \ + bin/lswww.py \ + bin/getcookie.py \ + bin/cookie.py \ + bin/BeautifulSoup.py + +do-install: +.for i in wapiti.py lswww.py getcookie.py cookie.py BeautifulSoup.py + ${INSTALL_SCRIPT} ${WRKSRC}/${i} ${PREFIX}/bin/ +.endfor +.if !defined(NOPORTDOCS) + ${MKDIR} ${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}/README ${DOCSDIR} +.endif + +.include diff --git a/security/wapiti/distinfo b/security/wapiti/distinfo new file mode 100644 index 000000000000..14cdbc12e4ce --- /dev/null +++ b/security/wapiti/distinfo @@ -0,0 +1,3 @@ +MD5 (wapiti-1.1.6.tar.gz) = 8b6067b64c16b575da43aa2dbfaeea23 +SHA256 (wapiti-1.1.6.tar.gz) = cb9fb6b969d01e84e953235f7e7554fee62916aaf3215a1abd4455a0efecbaed +SIZE (wapiti-1.1.6.tar.gz) = 51200 diff --git a/security/wapiti/pkg-descr b/security/wapiti/pkg-descr new file mode 100644 index 000000000000..0b4f4b87743f --- /dev/null +++ b/security/wapiti/pkg-descr @@ -0,0 +1,8 @@ +Wapiti allows you to audit the security of your web applications. +It performs "black-box" scans, i.e. it does not study the source code of +the application but will scans the webpages of the deployed webapp, +looking for scripts and forms where it can inject data. +Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to +see if a script is vulnerable. + +WWW: http://wapiti.sourceforge.net/ -- cgit