Re: [W3af-users] run profile without target

2015-12-17 Thread Vojtěch Polášek
Hi, thank you very much for your suggestions. Could you please give me some hint why Webgoat is not a good solution for measuring the successes/failures of W3AF?
Thank you,
Vojta

On 1.12.2015 at 17:50 Matt Tesauro wrote:
> Vojtech,
>
> I'd suggest you look at this project:
> https://www.owasp

Re: [W3af-users] run profile without target

2015-12-01 Thread Matt Tesauro
Vojtech,

I'd suggest you look at this project: https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project

In the "Off-line" tab, there's a list of apps and the technology used to create them. For instance, Bodgeit Store is a Java-based vulnerable app: https://github.com/

Re: [W3af-users] run profile without target

2015-12-01 Thread Vojtěch Polášek
Hi, I would like to run W3AF against a commercial web application which uses similar technologies as Webgoat. Do you think that applications, which you mentioned, will be able to provide some baseline for comparing of results? I need to find if W3AF can correctly detect vulnerabilities in deliberat

Re: [W3af-users] run profile without target

2015-12-01 Thread Andres Riancho
webgoat is not usually a good target for testing scanners. I would recommend other applications such as:

* http://testphp.acunetix.com/
* https://github.com/andresriancho/django-moth

On Mon, Nov 30, 2015 at 3:41 PM, Vojtěch Polášek wrote:
> Greetings,
> thanks for reply, I will try it out

Re: [W3af-users] run profile without target

2015-11-30 Thread Vojtěch Polášek
Greetings,
thanks for reply, I will try it out. To be exact, I am running W3AF against OWASP Webgoat, which runs on Tomcat.
Best regards,
Vojta

On 30.11.2015 at 18:54 Andres Riancho wrote:
> Vojtěch,
>
> Questions are welcome :)
>
> I assume you wanted to say JavaScript instead of Java

Re: [W3af-users] run profile without target

2015-11-30 Thread Andres Riancho
Vojtěch, Questions are welcome :) I assume you wanted to say JavaScript instead of Java, if JS is heavily used, then yes the web_spider is "almost useless". Well, the scan of the target URL can't be prevented, but if you set the URL to http://target.com/ and disable web_spider, then

[W3af-users] run profile without target

2015-11-30 Thread Vojtěch Polášek
Greetings, my name is Vojtěch Polášek and I am a blind IT student from the Czech Republic. As a part of my bachelor thesis, I am researching some tools for security analysis of web applications. One of those tools is W3AF, so expect some questions in near time :-) I need to perform analysis of Java app