Integrate Wapiti with Vulnetix. Crawl and attack web applications to find SQL injection, XSS, XXE, SSRF, open redirects, and 30+ other vulnerability classes, then upload JSON reports.
PythonCLI toolJSONXMLHTML
Install & scan
$ # Recommended — ephemeral run, no global install uv run --with wapiti3 wapiti --version # Or install globally with pip pip install wapiti3 $ uv run --with wapiti3 wapiti -u https://example.com/ --scope folder -f json -o wapiti-report.json
Run Wapiti in CI
Scan on every push and upload the results to Vulnetix:
name: DAST – Wapiti
on:
schedule:
- cron: '0 2 * * 1'
workflow_dispatch:
jobs:
wapiti:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install uv
uses: astral-sh/setup-uv@v4
- name: Run Wapiti scan
run: |
uv run --with wapiti3 wapiti -u ${{ secrets.TARGET_URL }} --scope folder -f json -o wapiti-report.json
- name: Upload report
run: vulnetix upload --file wapiti-report.json
Centralise Wapiti results in Vulnetix
Upload Wapiti JSON, XML, HTML output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.