Hello, all! As you may already know there is new attack vector [0] for web applications especially for WAF and other filters bypassing.
What W3AF can do? For example, we can check for concatenated params in HTTP response. It is the specialty of ASP.NET webapps. What do you think about it? [0] http://tacticalwebappsec.blogspot.com/2009/05/http-parameter-pollution.html -- Taras ---- "Software is like sex: it's better when it's free." - Linus Torvalds
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf
_______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
