Skip to content
Wepawet

Wepawet

Wepawet is a web-based service that analyzes web pages and detects potential vulnerabilities or malicious code. It scans for common attacks like cross-site scripting, SQL injections, and more.
Security & Privacy Vulnerability Scanner
web-security malware-detection vulnerability-scanning
Features Reviews Alternatives

Wepawet: Web Vulnerability Analyzer

Detects potential vulnerabilities and malicious code in web pages, scans for common attacks like cross-site scripting and SQL injections

What is Wepawet?

Wepawet is an online automated web analysis service that detects and analyzes potential security vulnerabilities or malicious code in web pages. It was developed by researchers at the University of California, Santa Barbara to identify common web-based attacks.

When a web page URL is submitted to Wepawet, it visits the page and scans the code for signs of attacks like cross-site scripting (XSS), SQL injection vulnerabilities, or obfuscated JavaScript that may contain malware. It also detects redirects, iframes, and other potential vectors for attacks.

One of the key features of Wepawet is its specialized detection of drive-by download attacks. It analyzes sites for URLs or code that may automatically download malware without the user's consent when visiting a webpage. The service also checks for URL shortener links that attempt to hide malicious destinations.

Beyond scanning for threats, Wepawet also gives technical analysis on the inner workings of JavaScript code. It outlines potential vulnerabilities in detail and highlights relevant code snippets. The findings allow developers and security professionals to understand and remediate issues.

While not a complete web security solution, Wepawet provides a useful free service for assessing pages and applications for common threats. The data it provides can help identify weak points to improve security.

Wepawet Features

Features

  1. Detects common web attacks like XSS, SQLi, RFI, etc
  2. Analyzes JavaScript for obfuscated or malicious code
  3. Checks for embedded Flash files and Java applets
  4. Scans for drive-by-downloads and iframe injections
  5. Provides analysis of web page code and resources
  6. Integrates with search engines to find malicious pages
  7. Offers API access for automated scanning

Pricing

  • Free
  • Freemium
  • Subscription-Based

Pros

Easy to use web interface

Fast and comprehensive scanning

Free for small-scale use

Helpful for web security testing

Can uncover hidden threats in web pages

Integrates well with search engines

Cons

Limited to analyzing individual pages

Not designed for large-scale web scanning

May miss some advanced threats

Prone to false positives

Requires manual review of results

Lacks customization options

Official Links

Official Website
https://wepawet.iseclab.org/

Reviews & Ratings

Login to Review
No reviews yet

Be the first to share your experience with Wepawet!

Login to Review

The Best Wepawet Alternatives

View all Wepawet alternatives with detailed comparison →

Top Security & Privacy and Vulnerability Scanner and other similar apps like Wepawet

Here are some alternatives to Wepawet:

VirusTotal icon
VirusTotal
MetaDefender icon
MetaDefender
Joe Sandbox icon
Joe Sandbox
Security Plus icon
Security Plus
Jotti icon
Jotti
IObit Cloud icon
IObit Cloud
Suggest an alternative ❐

VirusTotal icon

VirusTotal

VirusTotal is a free online service launched in 2004 that analyzes files and URLs to detect viruses, worms, trojans and other kinds of malicious content using multiple antivirus engines and website scanners. It can process a wide variety of file types including executables, disk images, PDFs, office documents, Javascript, HTML...
VirusTotal image
MetaDefender icon

MetaDefender

MetaDefender is a cybersecurity software platform used by organizations for preventing cyberthreats within files that are transferred digitally. It scans and sanitizes files by utilizing up to 30 anti-malware engines to detect known and zero-day malware, vulnerabilities, and data breaches.When a file is uploaded to a system with MetaDefender installed,...
MetaDefender image
Joe Sandbox icon

Joe Sandbox

Joe Sandbox is a comprehensive malware analysis and threat intelligence platform designed to help security teams detect, analyze, and respond to advanced threats. It features:Automated sandbox analysis of suspicious files, URLs, scripts, and other potential malware samples in secure, isolated environmentsDetailed forensic reports examining the full scope of malware behavior,...
Joe Sandbox image
Security Plus icon

Security Plus

Security Plus is a leading cybersecurity software designed to protect endpoints and networks from a wide range of cyber threats. It leverages advanced technologies such as artificial intelligence, machine learning, and behavioral analysis to provide real-time detection and response to malware, phishing attacks, ransomware, and other cyber attacks.Key features of...
Security Plus image
Jotti icon

Jotti

Jotti is a free online virus and malware scanning service that allows users to upload suspicious files or URLs to check if they are infected. It utilizes several antivirus engines, including BitDefender, Avast, and Kaspersky to scan files.When a file or URL is submitted to Jotti, it is scanned by...
Jotti image
IObit Cloud icon

IObit Cloud

IObit Cloud is a free cloud storage service offered by IObit, a software company known for their system utilities and security software. It gives users 5GB of free online storage space to store, backup, and share files across devices.Some key features of IObit Cloud include:5GB free storage spaceFile versioning -...
IObit Cloud image

Related Software

Bitwarden Bitwarden
1Password 1Password
Tunnelblick Tunnelblick
Sandboxie Plus Sandboxie Plus
Auth0 Auth0
Tor Browser Tor Browser
OpenSSH OpenSSH
Hacker's Keyboard Hacker's Keyboard