Windows | Games | Mobile | Wallpapers


w3af 1.0 RC2

w3af is a Web Application Attack and Audit Framework.


Last Week downloads: 1
Total downloads: 638
  • Last Updated: Nov 25, 2009
  • License: GPL Free
  • OS: Linux
  • Requirements: No special requirements

User reviews

4 out of 5 based on 2 ratings for w3af 1.0 RC2

For w3af 1.0 RC2Publisher's description


w3af is a Security software developed by Andrés Riancho. After our trial and test, the software is proved to be official, secure and free. Here is the official description for w3af:

EditByBSEditor: w3af is a Web Application Attack and Audit Framework. The project's goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. To read our short and long term objectives, please click over the Project Objectives item in the main menu.


urllib2 wrapper
In order to send requests to te remote server w3af uses urllib2. The xUrllib module of w3af is a wrapper of urllib2 to make the plugin writer life easier, using this wrapper a plugin writer can forget about proxy's, proxy auth, basic/DIGEST auth, etc. This is the complete list of features provided by xUrllib:

- Proxy
- Proxy auth ( basic and digest )
- Site auth ( basic and digest )
- Gracefully handle timeouts
- UserAgent faking
- Add custom headers to requests
- Cookie handling
- Local Cache for GET and HEAD requests
- Local dns cache, this will speed up scannings. Only one request is made to the DNS server
- Keep-alive support fot http and https connections
- File upload using multipart POST requests
- SSL certificate support

Output Management
w3af provides plugin writers with an Abstraction Layer for data output using the Output Manager. The output manager can also be extended using plugins and can be used for writing results to a txt/html file or sending them over the network using scp, the options are endless. Available ouput plugins are:
- Console
- Text file

Web Service support
w3af knows how to parse WSDL files, and audit webservices. Plugin developers can write a simple plugin that will be able to find bugs in web services and also in common HTTP applications.

HTTP headers fuzzing
w3af supports finding bugs in HTTP headers with great ease!

IPC ( inter plugin communication :P) can easily be done using the Knowledge Base, another w3af feature thats really usefull for plugin developers.
you can free download w3af 1.0 RC2 now.


Please be aware that Brothersoft do not supply any crack, patches, serial numbers or keygen for w3af,and please consult directly with program authors for any problem with w3af.