Launching Web Application Security Scans From The Command Line

Fri Jul 09 2010 18:22:00 GMT+0100 (BST)

Starting with Websecurify 0.6, you can launch the web application security scanner from the command line. The syntax is very simple. Here is an example:

websecurify.exe -websecurifytest http://yourapp.com

You can also specify your workspace like this (otherwise a new one will be created and used):

websecurify.exe -websecurfiytest http://yourapp.com -workspace MyAppWorkspace

However, Websecurify 0.7 changes this syntax a bit. The "workspace" flag is removed for various reasons. Instead, you can use the following syntax:

websecurify.exe -websecurifytest http://myapp.com,MyAppWorkspace

You can also start multiple tests like this:

websecurify.exe -websecurfitest http://myapp.com,MyAppWorkspace,http://mysecondapp.com,MySecondWorkspace

You can also combine multiple tests into a single workspace. Here is how you can do that:

websecurify.exe -websecurifytest http://app1.com,ws1,http://app2.com,ws1,http://app3.com,ws1

However, we may also implement the following shortcut syntax:

websecurify.exe -websecurifytest http://app1.com,MyWorkspace,http://app2.com,-,http://app3.com,-

More exciting new feature are coming in 0.7 as well as hundreds of scanner, ui and stability improvements. Stay tuned!

Comments Powered ByDisqus