WSHawk Documentation
Current v4 reference material for stateful web and realtime application testing.
What v4 Optimizes For
Project-Backed Operations
Traffic, identities, notes, findings, and exports stay together in one local project.
Stateful Testing
Replay, AuthZ diff, and race testing matter more than a one-shot scanner when the target is stateful.
Evidence-First Review
Browser evidence, timeline data, validation labs, and exports exist to support operator review, not hype.
v4 Workflow Lifecycle
How projects, capture, replay, diffing, race testing, and exports fit together.
Getting Started
Install WSHawk, choose the right surface, and start with the recommended v4 path.
Protocol & Heuristics
How WSHawk infers message families, fields, protocol hints, and likely attack paths.
Replay & Attack Services
Where payload mutation still helps and where replay, AuthZ diff, and race become the stronger proof path.
OAST & Blind Testing
Using callback-based detection for SSRF, XXE, and similar out-of-band behavior.
Browser Evidence
What the Playwright-assisted evidence path does and what it does not claim.
Vulnerability Coverage
The main issue classes WSHawk is good at proving in v4.
Academy
Longer v4 guides for desktop workflows, architecture, evidence, validation, and release history.
Core Command Reference
| Command | Description |
|---|---|
| wshawk ws://target.example/ws | Run the compatibility scanner for a fast first pass. |
| wshawk-interactive | Open the interactive CLI workflow. |
| wshawk-advanced ws://target.example/ws | Use the advanced legacy CLI path with more scanner-side controls. |
| wshawk-defensive | Run the narrow defensive helper checks that still ship with the project. |
| cd desktop && npm run smoke | Run the lightweight desktop sanity check. |