Taras, List,
I just merged taras' branch into the trunk. Taras is working in
enhancing the MITM proxy window that w3af had. At this moment, I'm
happy to say that he has been able to complete ~75% of the features
we've been talking about, and I'm using that as a milestone to merge
back his changes to the trunk.
If you want to give it a try, just:
- "svn up" if you already have a SVN working copy
- "svn co https://w3af.svn.sourceforge.net/svnroot/w3af/trunk w3af" if
you want to download the latest and greatest version of w3af
One of the coolest features you'll find is the possibility to run
Audit plugins from any place of the framework where a request is being
displayed. For example, imagine the situation where you're manually
assessing an application using the MITM proxy, and you see that one of
the requests has 15 parameters. In your mind you're saying: "Nooooo! I
have to check every parameter for every vulnerability? This is going
to take me a lot of time!"; actually... NO. Simply click over the
"Audit this request with..." button on the lower left part of the
request, and all audit plugins are going to analyze it for you :)
I would like to thank Taras Ivashchenko for all his work on these
features (which are still on development!). Thanks Taras!
Cheers,
--
Andrés Riancho
Founder, Bonsai - Information Security
http://www.bonsai-sec.com/
http://w3af.sf.net/
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
