15 March 2012

w3af The Web Application Attack and Audit Framework

w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. The w3af core and it’s plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and many more.

New features in w3af 1.1:-
  • Considerably increased performance by implementing gzip encoding
  • Enhanced embedded bug report system using Trac’s XMLRPC
  • Fixed hundreds of bugs
  • Fixed critical bug in auto-update feature
  • Enhanced integration with other tools (bug fixed and added more info to the file)
Alternatively, a new webUI that will allow enterprise users to run recurrent scans and analyze the results is also in the works.
If you are here just to "take a look" please watch the w3af video demos!
The w3af user's guide can be found here
To download w3af ver1.1 Click Here

AbhiShek SinGh
Founder of 'TheHackingArticles'. Cyber Security Analyst, Cyber Security Researcher, and Software Engineer. Follow 'AbhiShek SinGh' on Facebook , Twitter or Google+ or via Email

Subscribe to stay up to date