YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors. It performs basic checks in these categories:
This is meant to provide an easy way to perform initial analysis and information discovery. It’s not a full testing suite, and it certainly isn’t Metasploit. The idea is to provide a quick way to perform initial data collection, which can then be used to better target further tests. It is especially useful when used in conjunction with Burp Suite (via the
The simplest option for Windows users is to download the compiled executable, as Windows requires certain dependencies to be compile.
The simplest options to install are:
As a Python package:
pip3 install yawast (YAWAST requires Python 3.7)
docker pull adamcaudill/yawast
It’s strongly recommended that you review the installation page to ensure you have the proper dependencies.
Details about YAWAST and how to use it can be found below: