This post is a wapiti tutorial. You’ll find various wapiti options, how to import wapiti scan results into metasploit and how you can disable wapiti modules to speed up your scans.
A basic one-liner command to get you started would be:
wapiti http://example.org/cool-things -u -n 5 -b domain -v 2 -o /tmp/outfile.html
More about the command line arguments:
-u, --color
    use colours
-b, --scope
    set the scope of the scan:
        page: only analyse the page given in the url
        folder: analyse all urls in the root url given (default option)
        domain: analyse all links to pages in the same domain
-n, --nice
    use this to prevent infinite loops, I usually go with 5
-f, --format
    change the output format:
        json
        html
        openvas
        txt
        vulneranet
        xml
-v, --verbose
    set the verbosity level:
        0: none
        1: print each url
        2: print each attack
    Note: if you don't specify a -v flag, then you get a blank screen for ages.
These basics will help you build the first command above, and will show you what the options mean.
There is a man page for wapiti with lots of information in it, including how to exclude patterns (useful once you know more about a host and want to narrow in on a target).
The openvas format is good too, as it allows you to import the results into OpenVAS.