Launching Web Application Security Scans From The Command Line

Starting with Websecurify 0.6, you can launch the web application security scanner from the command line. The syntax is very simple. Here is an example:

websecurify.exe -websecurifytest

You can also specify your workspace like this (otherwise a new one will be created and used):

websecurify.exe -websecurfiytest -workspace MyAppWorkspace

However, Websecurify 0.7 changes this syntax a bit. The "workspace" flag is removed for various reasons. Instead, you can use the following syntax:

websecurify.exe -websecurifytest,MyAppWorkspace

You can also start multiple tests like this:

websecurify.exe -websecurfitest,MyAppWorkspace,,MySecondWorkspace

You can also combine multiple tests into a single workspace. Here is how you can do that:

websecurify.exe -websecurifytest,ws1,,ws1,,ws1

However, we may also implement the following shortcut syntax:

websecurify.exe -websecurifytest,MyWorkspace,,-,,-

More exciting new feature are coming in 0.7 as well as hundreds of scanner, ui and stability improvements. Stay tuned!


Petko D. Petkov (pdp), is founder of Websecurify and frontman of the GNUCITIZEN Information Security Think Tank. pdp is a recognized information security researcher, security tools developer, penetration tester, frequent speaker at industry events, and published author who has contributed to several best-selling books in the field of information security.

Comments Powered ByDisqus