Last Friday Informatica Gesfor made a presentation of Wapiti in the VI OWASP Spain Chapter Meeting which took place in Barcelona. OWASP (Open Web Application Security Project) is one of the most important organizations in the field of security. David del Pozo González (Informatica Gesfor), as developer of Wapiti, made a presentation about Wapiti, showing its features, how it works, the way to extend it and a practice case of use. But the most important is that we offered to the OWASP community the opportunity of knowing Wapiti and the participation in its evolution and event attendees had a good impresion of Wapiti.

The event was attended among others by Richard Stallman who presented the "Free Software, Your Freedom"; Fabio Cerullo who presented "OWASP: The most important risk in web applications 2010"; David del Pozo González who presented "Wapiti: Security for web developers in Romulus Project"; and Christian Martorella who presented "2010 y yet using brute force: Webslayer". Vicente Aguilera Díaz, as president of the OWASP Spanish Chapter, made the introduction and close of the event.

It's a new year, and it's time for a new version of Wapiti! The version (2.2.1) is now available for download. In this release, bugs have been fixed and some improvements have been performed. The most important of them are:

• Nikto attack: This new attack checks the security of the page by using the Nikto database.
• Internationalization: Now, Wapiti is available in three languages: English, French and Spanish.

In the following months we'll work to release a new version with new and useful features.

The new version (2.1.0) of Wapiti is already available from the download Wapiti section. The new main features are:

• Web pages scanner is faster with the httplib2 library.
• Blind SQL Injections detection was implemented.
• Addition of more patterns for detecting file handling vulnerabilities in PHP.

Currently, the Wapiti developers are developing some new functionalities and improvements in order to release a new version in the next months.

Enjoy this new version!

Few days ago Wapiti reached 20,000 downloads from SourceForge. This is a piece of good news for the Wapiti community and it encourages us to continue improving the application. Thank you everyone for trusting in Wapiti.

The Wapiti developers community is very glad to announce that Wapiti was recently included in the project OWASP Live CD, this project collects some of the best open source security projects in a single environment. In february, the module for Wapiti has been uploaded to Google Code and was included in the tool list of OWASP Live CD.

OWASP Live CD is a Linux bootable CD specifically created for Web Application Security Professionals. It is an OWASP project which belongs to the "Release Quality Projects" category, the greatest one for an OWASP project. This project is a perfect tool for Web developers, testers and security professionals since they have access to a full security testing suite. OWASP Live CD allows users to test various security issues in web applications and web sites, to access to security documentation and to enhance users web application security knowledge with an interactive learning environment (WebGoat). You can download OWASP Live CD in two formats, ISO image and VMware image.

We are happy to announce that Wapiti have been admitted as a provisional alpha OWASP project. OWASP is one of the most important open communities focused on software security. This announcement encourage us to continue the development in the same way, improving it and adding new functionalities.

You can take a look at the Wapiti OWASP page.

A new demo video about Wapiti is now available. This video shows the testing of a page with vulnerabilities using the Wapiti Web Demo

You can view this video inside Romulus' Youtube Channel.