|File Search||Catalog||Content Search|
This package provides a command line interface (CLI) only. The graphical user interface (GUI) is provided by the package w3af.
The framework has been called the "metasploit for the web", but it's actually much more than that, because it also discovers the web application vulnerabilities using black-box scanning techniques!
The w3af core and it's plugins are fully written in Python. The project has more than 130 plugins, which identify and exploit SQL injection, cross site scripting (XSS), remote file inclusion and more.
(10 Nov 2011) 1.1 ==================== * Considerably increased performance by implementing gzip encoding * Fixed hundreds of crashes * Fixed critical bug in auto-update feature * Merged changes from different branches to support webUI * Enhanced embedded bug report system using Trac's XMLRPC * Enhanced integration with other tools (bug fixed and added more info to the more»
The w3af project has a very well defined roadmap, which aims to deliver value to our users and the community in every step we take. The roadmap can be found in our Trac: https://sourceforge.net/apps/trac/w3af/roadmap They are lots of very interesting problems to solve, they range from enhancing algorithms for detecting vulnerabilities and low level performance improvements to user interface more»
This is the list of people that contributed with w3af, a small summary of what they have done follows their name. Project leader: Andres Riancho Main contributors: Javier Andalia <javier_andalia!rapid7.com> - Full time employee working on w3af! Alexander Berezhnoy - spiderMan refactoring, new console user interface, plugins Taras Ivashchenko <oxdef!oxdef.info> - A lot of BIG more»
This documentation could be outdated.
Usage and installation ====================== We recommend you to read the user's guide before star more»
''' readMethodHelpers.py Copyright 2010 Andres Riancho This file is part of w3af, w3af.sourceforge more»
This directory stores templates of files. A template is a simple file with the corresponding "magic more»
The default file is taken from the fuzzdb project http://code.google.com/p/fuzzdb/ (errors.txt in fo more»