NOTE: This framework is designed to be used with the Wildfire Toolkit

The Web Application Penetration Testing (WAPT) Framework is a full stack application designed to act as a Command & Control center for web app pen testing and bug bounty hunting. The tool works by allowing users to add Fully-Qualified Domain Names (FQDNs), more commonly referred to as "Seeds" or "Roots" in bug bounty hunting. These FQDNs are then scanned using wildfire.py from the Wildfire Toolkit with the results of the scans being stored and managed in the WAPT Framework.

Check out my LinkedIn posts like this one for more information on how I search for bugs and where this framework falls into the bigger picture of my methodology!

NOTE: This app requres Node 14.x and NPM 6.x to install successfully

I recommend installing this framework on a Windows machine since it's simpler to install and use older versions of Node/NPM.

Downloading/Install Git for Windows: https://gitforwindows.org/

Download/Install Node (NPM will be included): https://nodejs.org/en/blog/release/v14.17.3/

Download/Install MongoDB: https://www.mongodb.com/try/download/community

Install Server NPM Packages (From Root Directory): npm install

Insall Client NPM Packages (From client Directory): npm install

Install nodemon: npm install -g nodemon

Server (Root Directory): nodemon server.js

Client (client Directory): npm run start