Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies

This project is a command line tool and python library that uses Wappalyzer extension and its fingerprints to detect technologies. Other projects emerged after discontinuation of the official open source project are using outdated fingerpints and lack accuracy when used on dynamic web-apps, this...

[SECURITY] Fedora 35 Update: webanalyze-0.3.1-6.fc35

Port of Wappalyzer uncovers technologies used on websites in Go to automate scanning...

Webstor - A Script To Quickly Enumerate All Websites Across All Of Your Organization'S Networks, Store Their Responses, And Query For Known Web Technologies, Such As Those With Zero-Day Vulnerabilities

WebStor is a tool implemented in Python under the MIT license for quickly enumerating all websites across all of your organization's networks, storing their responses, and querying for known web technologies and versions, such as those with zero-day vulnerabilities. It is intended, in particular,...

Regular Express Denial Of Service (ReDoS)

wappalyzer is vulnerable to denial of service DoS. The vulnerability exists as it uses a regular expression that does not restrict the amount of 0-9., allowing a long string to exhaust memory...

Regular Expression Denial Of Service (ReDoS)

wappalyzer is vulnerable to regular expression denial of service. A catastrophic backtracking vulnerability in the regular expression used to parse URL allows an attacker to cause excessive resource consumption which can lead to a browser crash...

Node.js third-party modules: [wappalyzer] ReDoS allows an attacker to completely break Wappalyzer

Hello folks! please note that I'm reporting two different problematic regexes. module name: Wappalyzer version: 6.0.2 npm page: https://www.npmjs.com/package/wappalyzer Module Description Wappalyzer identifies technologies on websites. Module Stats Weekly downloads: 1,290 88 open issues 16 open...

Node.js third-party modules: [wappalyzer] ReDoS allows an attacker to completely break Wappalyzer

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to triage and respond quickly, so be sure to take your time filling out the report! I would like to report VULNERABILITY in...

Samurai Web Testing Framework 3.0 - LiveCD Web Pen-testing Environment

The Samurai project team is happy to announce the release of a development version of the Samurai Web Testing Framework. This release is currently a fully functional linux environment that has a number of the tools pre-installed. Our hope is that people who are interested in making this the best...