Is there an opensource GPL * solution to automate the search for web-vulnerabilities? For example, some XSS Scanner, or something similar, but on the scale of a heap of hosts?

You don’t think, I’m not a cultchacker, I just have a certain number of sites that are added and removed, in general, something like a hosting and sometimes from Google there come letters "Hacked content detected on ..." for which I Google is grateful, but still I would like to detect it myself automatically. I’m sure there are any pipelined solutions for scanning your hosts for web vulnerabilities.

Closed due to the fact that it is necessary to reformulate the question so that it was possible to give an objectively correct answer to the participants Visman , Alex , user194374, Grundy , Bald 13 Dec '16 at 3:58 .

The question gives rise to endless debates and discussions based not on knowledge, but on opinions. To get an answer, rephrase your question so that it can be given an unambiguously correct answer, or delete the question altogether. If the question can be reformulated according to the rules set out in the certificate , edit it .

  • For example there is a sqlmap - Vladimir Martyanov
  • I found wapiti but the project was updated in 2013: (I installed it, started it, it seems that the thing is not bad, but it is a very old version ... well, while I’m still looking for more options. - user229772
  • ... and it is also single-threaded: ( - user229772
  • And who prevents you from running multiple processes at the same time? - Vladimir Martyanov
  • I prefer multithreading / multiprocessing / asynchrony implemented on the application side. - user229772

0