> Hi Taras? How're you doing? I'm trying to finish OWASP Testing Guide :) It's very good book!
> > What W3AF can do? For example, we can check for concatenated params in > > HTTP response. It is the specialty of ASP.NET webapps. What do you think > > about it? > > I'm just thinking out-loud, but... all web applications are vulnerable > to this http parameter pollution trick, because the real vulnerable > section is the framework with which they are developed, right? If this > is true, do we really need to test for it? Good question... I think that there are more important tasks in W3AF dev now :) -- Taras ---- "Software is like sex: it's better when it's free." - Linus Torvalds
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf
_______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
