Usage: wapiti [options] Optional parameters: -h, - Help display this help message and exit -u URL, - the base URL default scan To define the scanning range url URL is Folder - scope {Page, Folder, Domain , url, punk} set the scan range -m MODULES_LIST, - module MODULES_LIST load module list --list- modules listed Wapiti attack module and exit the -l the lEVEL, - level set the lEVEL attack rating -p proxy_url, - Proxy proxy_url set HTTP (S) proxy support for HTTP (S), SOCKS --tor use Tor listener ( 127.0 . 0.1 : 9050 ) CREDENTIALS -a, --auth- the cred CREDENTIALS HTTP authentication credentials --auth- type {Basic, Digest, Kerberos, NTLM authentication type disposed} -C COOKIE_FILE, - Cookie Cookie COOKIE_FILE provided json format file --skip- crawl before the session does not resume scanning process recorded --resume- crawl even though some had previously been stopped attacks can also restore the scanning process --flush- attacks abandon the attack and vulnerability information for the current session history of --flush- the session to abandon all All information current targets, including URL and vulnerabilities crawling, etc. before the discovery of --store- the session the PATH attacks store catalog history and session data -s URL, - start start scanning Add URL URL -x URL, -exclude URL is added to exclude URL -r the PARAMETER, - the Remove the PARAMETER remove the given parameters in the URL - Skip the PARAMETER not attack the given parameters -d the DEPTH, - depth scanning the DEPTH setting depth --max-links- per- within range of each scanned page MAX settings page extract of the number of links --max-Files-per- dir MAX set the number of pages in each directory to explore --max-SCAN- time number mINUTES set the scan duration float minutes - max- the parameters MAX has more than the maximum input parameters of the URL and the form will be deleted before the attack -S FORCE, --scan-force FORCE reduce scan and easy way to attack an optional value of the URL: Paranoid, Sneaky, polite, Normal, Aggressive, Insane -t SECONDS, - timeout SECONDS set the request timeout -H HEADER, - header HEADER setting each request header -A AGENT, --user-agent AGENT provided for each request User- - Agent --verify-SSL { 0 , . 1 } SSL check whether the default is not checked - color landscaping use color output -v LEVEL, --verbose lEVEL set the detail level ( 0 : quiet, . 1 : Normal, 2 : verbose) -f the FORMAT, -Set the output format FORMAT formats supported: json, HTML (default), TXT, openvas, vulneranet, xml -o OUPUT_PATH, - the Output OUPUT_PATH output file or directory --external the Url EXTERNAL_ENDPOINT_URL the Serving AS-Endpoint Endpoint for target --internal-Endpoint the Serving the Url aS Endpoint INTERNAL_ENDPOINT_URL for attacker --endpoint ENDPOINT_URL the Serving the Url aS Endpoint for both-attacker and target --no- bugreport when the attack failed module does not send the Bug report --version print version number