YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors.
View the Project on GitHub adamcaudill/yawast
Follow @yawastYAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors. It performs basic checks in these categories:
This is meant to provide an easy way to perform initial analysis and information discovery. It’s not a full testing suite, and it certainly isn’t Metasploit. The idea is to provide a quick way to perform initial data collection, which can then be used to better target further tests. It is especially useful when used in conjunction with Burp Suite (via the --proxy
parameter).
YAWAST is packaged as a Python package, Docker container, and as a Windows EXE to make installing it as easy as possible. Details are available on the installation page.
The simplest option for Windows users is to download the compiled executable, as Windows requires certain dependencies to be compile.
The simplest options to install are:
As a Python package: pip3 install yawast
(YAWAST requires Python 3.7)
docker pull adamcaudill/yawast
It’s strongly recommended that you review the installation page to ensure you have the proper dependencies.
Details about YAWAST and how to use it can be found below: