Raul, On Wed, Oct 21, 2009 at 5:53 AM, Raul Siles <raul.si...@gmail.com> wrote: > Hi there, > There is a false positive issue regarding XSSed.com. If you search by > "google.com", it then displays all previously seen XSS flaws on > domains ending up on google.com. Eg. Previous xssed page : > http://www.aramamotoru-google.com. > > In order to just get all XSSed pages for websites under exactly the > given root domain, it is required to append a "." in front of the > domain. > > The attached plug-in includes the "." fix.
Great! This is the type of tests I needed =) I'll perform some more tests and commit it to the trunk, > BTW, Andres, is there a way of refreshing the list of plug-ins without > restarting w3af? If not, here you are a new enhancement request ;) No, there is no such feature in the framework. The closest we have is right click over the plugin in the scan config tab, and hit "Reload plugin" (just commited this to the trunk 1 minute ago). Cheers, > Cheers, > -- > Raul Siles > www.raulsiles.com > > > > On Sun, Oct 18, 2009 at 6:13 PM, Andres Riancho > <andres.rian...@gmail.com> wrote: >> List, >> >> I'm a little bit flooded with work (at least for today). Could >> anyone please review this plugin? Thanks! >> >> Cheers, >> >> On Sun, Oct 18, 2009 at 7:38 AM, shatter <shat...@shatter-blog.net> wrote: >>> Hello everybody, >>> >>> I'm new on this mailing-list so i don't know exactly how it's work to >>> publish a new plugin... >>> >>> I am a French Developer (sorry for my English :s ) and I made a new plugin >>> for w3af : xssedDotCom. This plugin parses xssed.com database in order to >>> find xssedpage, and give an example of each xssed page. >>> >>> Do you accept this plugin? >>> >>> Shatter >>> >>> PS : Congratulations to Andres Riancho and all the developers for this >>> excellent framework :-) >>> >>> >>> ------------------------------------------------------------------------------ >>> Come build with us! The BlackBerry(R) Developer Conference in SF, CA >>> is the only developer event you need to attend this year. Jumpstart your >>> developing skills, take BlackBerry mobile applications to market and stay >>> ahead of the curve. Join us from November 9 - 12, 2009. Register now! >>> http://p.sf.net/sfu/devconference >>> _______________________________________________ >>> W3af-develop mailing list >>> W3af-develop@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/w3af-develop >>> >>> >> >> >> >> -- >> Andrés Riancho >> Founder, Bonsai - Information Security >> http://www.bonsai-sec.com/ >> http://w3af.sf.net/ >> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry(R) Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9 - 12, 2009. Register now! >> http://p.sf.net/sfu/devconference >> _______________________________________________ >> W3af-develop mailing list >> W3af-develop@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/w3af-develop >> > -- Andrés Riancho Founder, Bonsai - Information Security http://www.bonsai-sec.com/ http://w3af.sf.net/ ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
