Hi, all! Today when I test W3AF on large site with URLs like http://site.com/news.php?id=1, http://site.com/categories.php?id=2 and so on I found some problem. It seems that webSpider don't consider that such URLs are "same". And in some point of view it is correct behavior. But very often these params are not "action" params which can make really different pages with different structure. Simply these pages differs in some text content.
I also found letter in our mail list from Adi Mutu "[W3af-users] mod_rewrite functionality and variations" [0] about same problem. As I know current workaround is using of maxDiscoveryLoops option. But what is the best way to scan such sites with w3af? May be we will add some option to webSpider or we need some core option? [0] http://sourceforge.net/mailarchive/message.php?msg_id=140339.90793.qm%40web43507.mail.sp1.yahoo.com Taras -- "Software is like sex: it's better when it's free.", - Linus Torvalds. ------------------------------------------------------------------------------ Throughout its 18-year history, RSA Conference consistently attracts the world's best and brightest in the field, creating opportunities for Conference attendees to learn about information security's most important issues through interactions with peers, luminaries and emerging and established companies. http://p.sf.net/sfu/rsaconf-dev2dev _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop