Wapiti allows you to audit the security of your websites or web applications. It does not study the source code of the application but will scans the web pages of the deployed web application, looking for scripts and forms where it can inject data.
Step 1.First open your Kali linux terminal and type wapiti
Step 2.The application generates a HTML Report in generated_report/index.html with contains a detailed information about the attacks performed and the vulnerabilities found.