• home
  • pentesting tools news
  • Security News
  
Tweet My status    Share

Update Pentesting tools News 28-May-2011

W3af 1.0-Stable released!

w3af 1.0 releasedRelease note for v1.0

W3af is a free Open Sourcer GUI tool written in Python for Web Application Attack and Audit Framework.

This web vulnerability scanner is easy to use and extend, allowing the execution of more than 130 plug-in, check for SQL injection, cross site scripting (XSS) inclusion of local/remote files, and more.


W3af 1.0-Stable adds significant improvements of the framework, including:

  • New Windows installer.
  • Stable code base.
  • Web application payloads:

Various layers for exploited vulnerability in order to be able to write payloads and execute files on the compromised web server.

  • PHP static code analyzer:

Javier Andalia created a PHP static code analyzer in order to identify SQL injections and introducevery interesting feature as a web application payload.

After exploiting a vulnerability is possible try --> "payload php_sca" and will download the remote PHP code in your box to analyze it to find vulnerabilities.

  • Auto-Update:

Auto-Update, allow you to keep your w3af installation updated easily and without any effort.

  • Refactoring of HTTP cache and GTK user interface code to store HTTP requests only once on disk.
  • Performance improvement in sqlite database by using indexes.
  • Huge w3af code-base refactoring on how URLs are handled.

More details about this release and latest version download can be found on the w3af Official WebSite.


Enjoy, Jano


Ubuntu Logo
Aircrack-ng Logo


 In this Site & Aircrack-ng


©2010-2013 JanoWeb.NET | All Rights Reserved | Terms & Policy |
Valid XHTML 1.0 TransitionalValid CSS 3Creative Commons Licenses WebSite Reputation