Mac App Store

Mac App Store is the simplest way to find and download apps for your Mac.

To download WebReaver from the Mac App Store, you need a Mac with OS X 10.6.6 or later. Learn More.



Open the Mac App Store to buy and download apps.


WebReaver is an elegant, easy to use and fully-automated, web application security security testing tool for Mac OS X. It is suitable for novice as well as advanced users. WebReaver allows you easily test any web application for a large variety of security issues.

WebReaver is powered by Websecurify's latest security testing engine, which comes with over 70 generic vulnerability checks ranging form SQL Injection, Expression Injection and Cross-site Scripting to Session Management issues, Information Disclosure and many others.

This tool detects numerous critical vulnerabilities including but not limited to:

• Shellshock (CVE-2014-6271, CVE-2014-7169)
• Expression Language Injection
• SQL Injection
• Cross-site Scripting
• Local And Remote File Includes
• XML Injection
• Command Injection
• CRLF Injection
• Weak Session Management
• Insecure Cross-domain Policies
• Open Redirect
• Response Splitting
• Session Security Best-practices
• Insecure SOAP Services
• Path, Username and Source Code Disclosure
• Insecure File Upload
• Vulnerable WordPress themes and plugins
• Many more

Check out for more information on the types of vulnerabilities WebReaver can help you discover.


WebReaver saves you time and money by automating a tiresome and very technical process used by experts to find scary security vulnerabilities.

What's New in Version 2.1

• Bug fixes and performance improvements
• App Store ratings integration


Screenshot 1
Screenshot 2
Screenshot 3
Screenshot 4
Screenshot 5

Customer Reviews

Awesome tool

I grabbed this tools while it was on promotion and I am not disappointed one bit. It works. It looks greats. Very nice tool all around. I think there should be more customisation options but this feature will be delivered soon from what I can tell (talked to the devs). Great work guys, as usual!

Waste of time and money

I’ve tested Webreaver against 8 different extremely vulnerable applications, both academic / practice and real world ones and It has failed miserably and done so so badly that It’s not even worth the time to even run it.

Additionally there is absolutly no control over what to test, which parameters to test, proxy and SSL configuration, and anything that even the most basic 10 year old open source tools have.

For all intents and purposes this is a scam tool.

View in Mac App Store
  • £28.99
  • Category: Developer Tools
  • Updated:
  • Version: 2.1
  • Size: 3.1 MB
  • Language: English
  • Developer:

Compatibility: OS X 10.10 or later, 64-bit processor

Customer Ratings

This application has not received enough ratings to display a summary.