YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors.

View the Project on GitHub adamcaudill/yawast

16 August 2019

YAWAST 0.8 Released

by Brandon Wilson

YAWAST version 0.8 has been released; months of work has gone into this release and has required a substantial investment of time and effort. The new version of YAWAST is a complete re-write of the application – everything has been rebuilt in Python instead of Ruby.

At the time YAWAST was first created, Ruby was a preferred language in the security community, at least in part due to Metasploit Framework being written in Ruby. These days, Ruby has fallen out of favor in the community. In a poll of those in the community that are likely to contribute to a project like YAWAST, we found that the vast majority were more likely to contribute if the application was written in Python; in fact, Ruby scored as the language least likely to lead people to contribute.

Based on the popularity of Python and the poll indicating that being written in Python would make contributions more likely, the decision was made to completely rewrite YAWAST. With the rewrite, we believe that it will lead to more participation and provide a healthier future for the project.

That being said, this new version includes a number of improvements and quite a few new checks. Here is a brief overview of the changes:

Command line parameters are still the same, most of the language is still the same – in general, this is a better YAWAST, but doesn’t break your expectations.

Useful links:

If you have any issues, please open an issue on Github (with any sensitive information redacted of course).