Skip to content

Cookie management

Jump to bottom
devloop edited this page Oct 10, 2024 · 1 revision

Cookie Management

Wapiti allows you to handle session cookies in various ways to pass authentication during vulnerability scans.

Available Options

  • -c, --cookie <COOKIE_FILE_OR_BROWSER_NAME>

    Load cookies from a Wapiti JSON cookie file. This is useful if you have exported cookies using wapiti-getcookie(1). Alternatively, you can import cookies directly from your browser. Supported browsers are:

    • chrome
    • firefox

    Example:

    wapiti -c cookies.json
wapiti -c chrome

  • -C, --cookie-value <COOKIE_VALUE>

    Manually set cookies by providing a valid cookie string. This is especially useful for importing session cookies from a logged-in user. The string should follow the format used in HTTP headers.

    Example:

    wapiti --cookie-value "PHPSESSIONID=5f4dcc3b5aa765d61d8327deb882cf99;cookie_2=somevalue"

  • --drop-set-cookie

    This option makes Wapiti ignore cookies given in HTTP responses. Cookies that have been loaded using the -c option will still be kept.

Home

Basic Usage

Output and Reporting

Authentication and Session Management

Crawler and Request Options

API and Endpoints

Miscellaneous

Clone this wiki locally