[W3af-users] how did you test the module for CORS and Preflight

2012-10-25 Thread luke
Hi guys I am testing w3af module for detecting CORS and Preflight, but as far as I know , there is few website that support these new feature , can someone recommend some website that support these feature . your reply is really appericate. -- FIT1-213 Department of Computer Science Tsinghua Uni

Re: [W3af-users] disscuss about inspectOriginHeaderScrutiny

2012-10-14 Thread luke
ndres.rian...@gmail.com] > Sent: Sunday, October 14, 2012 07:58 AM > To: luke > Cc: w3af-users@lists.sourceforge.net > Subject: Re: [W3af-users] disscuss about inspectOriginHeaderScrutiny > > Luke, > > On Fri, Sep 28, 2012 at 5:48 AM, luke wrote: > > Hi guys: >

[W3af-users] disscuss about inspectOriginHeaderScrutiny

2012-09-28 Thread luke
Hi guys: I am still testing the new plugin inspectOriginHeaderScrutiny for HTML5, for now I tested some website: www.qq.com www.renren.com http://sourceforge.net facebook.com these website all have CORS settings , you can see the configuration by type domain/crossdomain.xml but I i use w3af scan t

[W3af-users] Fwd: test about inspectOriginHeaderScrutiny

2012-09-27 Thread luke
-- Forwarded message -- From: luke Date: Wed, Sep 26, 2012 at 4:02 PM Subject: test about inspectOriginHeaderScrutiny To: Andres Riancho Hi andres I tested inspectOriginHeaderScrutiny.py module but the result show nothing about this module ? I am wondering if I used it wrong

Re: [W3af-users] Fwd: difference in hmap,fingerprint_os

2012-09-27 Thread luke
thx for the reply On Fri, Sep 28, 2012 at 8:03 AM, Andres Riancho wrote: > Luke, > > On Tue, Sep 25, 2012 at 11:17 PM, luke wrote: > > > > > > -- Forwarded message -- > > From: luke > > Date: Wed, Sep 26, 2012 at 10:16 AM > > Subj

[W3af-users] Fwd: difference in hmap,fingerprint_os

2012-09-25 Thread luke
-- Forwarded message -- From: luke Date: Wed, Sep 26, 2012 at 10:16 AM Subject: difference in hmap,fingerprint_os To: w3af-us...@lists.sourceforge.ne Hi guys I am using w3af doing some test ,I have a question about hmap,fingerprint_os this two module , this two module give the

[W3af-users] problem using w3af

2012-09-25 Thread luke
Hi guys! I am using w3af test a site the script is == plugins discovery webSpider,hmap,fingerprint_os,fingerprint_WAF,findvhost,allowedMethods,robotsReader grep clickjacking audit dav,formatString,globalRedirect,osCommanding,sqli,xpath,xss,xst output console output

Re: [W3af-users] test site for HTML5 vulnerability

2012-09-16 Thread luke
Does w3af support to check new html5 tag like autofocus etc. that cause XSS attack ? On Thu, Sep 13, 2012 at 8:15 AM, Andres Riancho wrote: > Luke, > > I would test it against sites that have CORS headers enabled, some of > them: > > sourceforge.net > nbcoly

[W3af-users] test site for HTML5 vulnerability

2012-09-12 Thread luke
Hi guys I am testing the w3af modules which design for check html5 vulnerablity ? but I can not find a good test site ? does anyone know this kind of website for test ? -- FIT1-213 Department of Computer Science Tsinghua University, Beijing, 100084 http://about.me/anakin/bio --