Andres, I just have committed beta version of sslCertificate [0]: * ca.pem moved to plugins/audit/sslCertificate/ * added correct check for SSLv2 * dump cert
What we have in final...we've lost: * some useful information inside dump_x509 (digests, serial number, keys) What we have got: * minus one dependency (I remember about proxy.py) * subjectAltNames support for hostname check * full certificate validation with CA file - w3af now behaviors like web browser here (also removed our unnecessary code) * correct SSLv2 check * soon expire feature [0] http://w3af.svn.sourceforge.net/viewvc/w3af/branches/ssl/plugins/audit/sslCertificate.py?revision=5048&view=markup -- Taras http://oxdef.info ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
