ugh the website?
> ---
> ---
> ___
> W3af-users mailing list
> W3af-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-users
--
Taras
://github.com/andresriancho/w3af/issues?milestone=3page=1state=open
[1] https://github.com/andresriancho/w3af/issues?milestone=9page=1state=open
Regards,
--
Taras
https://www.oxdef.info
, etc. here [0]. All your bug reports
will be much appreciated!
Thanks!
[0] https://github.com/andresriancho/w3af/issues/new
[1] http://docs.w3af.org/en/develop/gui/scanning.html#configuring-the-scan
Regards,
--
Taras
https://www.oxdef.info
30, 2014 at 10:40 AM, Andres Riancho
andres.rian...@gmail.com wrote:
And if inside the virtualenv you run:
pip freeze | grep gtk
You get something?
On Sun, Mar 30, 2014 at 10:26 AM, Taras ox...@oxdef.info wrote:
Ok, install them all. Try ./w3af_gui
Actual result:
$ ./w3af_gui
The GTK
Andres, it is strange but now everything is fine...
I see normal tree in KB Browser.
30.03.2014 20:27, Andres Riancho пишет:
Taras,
Can't repro (see screenshot). If you see the console where you're
running w3af_gui , is there anything there that could be useful?
Traceback? Error
, but
wanted to hear your input and experiences with architectures like the
one proposed.
Regards,
On Tue, Jun 5, 2012 at 10:03 AM, Andres Riancho
andres.rian...@gmail.com wrote:
Taras,
On Mon, Jun 4, 2012 at 5:00 PM, Taras ox...@oxdef.info wrote:
Andres,
geventhttpclient looks very fast HTTP
-tastypie.readthedocs.org/en/latest/index.html
[3] https://raw.github.com/toastdriven/django-tastypie/master/docs/index.rst
--
Taras
https://www.oxdef.info
--
Learn Graph Databases - Download FREE O'Reilly Book
Graph Databases
Andres,
w3af's code repo has been migrated to github!
Great news! So it's time to study git...:) I can help with moving wiki stuff
and so on.
--
Taras
http://oxdef.info
GPG: C8D1F510
--
Master Visual Studio
and fixed bugs
Our plans to 3.4
* False positive issues management
[0] http://w3af.svn.sourceforge.net/svnroot/w3af/extras/w3af_webui/tags/3.3/
--
Taras
http://oxdef.info
GPG: C8D1F510
--
Live Security
/branches/webapps/plugins/discovery/web20Spider.py
[1]
http://sourceforge.net/apps/trac/w3af/browser/branches/webapps/moth/w3af/discovery/web20Spider
--
Taras
http://oxdef.info
--
Live Security Virtual Conference
Exclusive
Just wanted to let you know what's new with w3af these days :)
* Taras is working on improving the XSS detection with the aim of
increasing accuracy and reducing the number of HTTP requests
PoC is finished and available in xss branch. Working on stabilization
and tests. It uses concept
this now)
I don't think that it will have real advantages over keeping XSS
detection logic in one place.
+ Taras is also working on web20Spider which gives w3af possibility to at
least crawl modern web apps with heavy usage of AJAX. I think PoC will be
finished in the nearest days. I use
of fast HTTP clients? Opinions?
Ideas?
[0] http://sourceforge.net/apps/trac/w3af/browser/extras/measure_http?rev=5041
[1] https://github.com/gwik/geventhttpclient
Regards,
--
Taras
http://oxdef.info
--
Live Security
/
--
Taras
http://oxdef.info
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint
;)
On 05/17/2012 06:59 PM, Stephen Breen wrote:
Great! I look forward to trying it out.
Just curious, how to you plan to support AJAX webapps in 3.3? Using some
kind of browser automation like Selenium?
On Thu, May 17, 2012 at 11:47 AM, Taras ox...@oxdef.info
mailto:ox...@oxdef.info wrote
Done! Now in csrf branch only new CSRF plugin needs QA.
On 04/24/2012 10:42 PM, Andres Riancho wrote:
Taras,
Nice! Could you please merge it to the trunk?
I'll write a nice unit-test for it tomorrow.
Regards,
On Tue, Apr 24, 2012 at 1:46 PM, Tarasox...@oxdef.info wrote
--
Taras
http://oxdef.info
--
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
Everybody ping :)
lukesun629@, you was interested in HTML5 security risks. Did you try
this simple plugin to detect possible ClickJacking flaws?
On 04/03/2012 04:11 PM, Taras wrote:
Andres,
what do you think about it?
01.04.2012 21:36, Taras пишет:
Hi, all!
Just want to inform you
/clickJacking.py
[1] https://www.owasp.org/index.php/Clickjacking
[2]
w3af.svn.sourceforge.net/viewvc/w3af/branches/csrf/extras/testEnv/webroot/w3af/grep/clickjacking/
--
Taras
http://oxdef.info
--
This SF email is sponsosred
job,
but web UI looks better choice ;)
We will be glad to get feedback from you!
[0] https://w3af.svn.sourceforge.net/svnroot/w3af/extras/w3af_webui/trunk/
--
Taras
http://oxdef.info
--
This SF email is sponsosred
:)
* Blog
we can use here existing platform, e.g. blogger.com
* @w3af twitter feed frame
* (potentially) Mailing list archives
* (potentially) Homepage for contributors (ie.
http://www.w3af.org/contributor/~taras/)
--
Taras
http://oxdef.info
be subjectively but every page in our Trac takes on my really
good connection about 3-5 sec to load.
Horrible:
1. can't edit issues
2. not user friendly UI
3. there is no dashboard/custom (per user) reports or saved filters
--
Taras
http://oxdef.info
,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
___
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users
--
Taras
http
--
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1
___
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users
--
Taras
http
your ideas and identify your business strategy.
http://p.sf.net/sfu/appsumosfdev2dev
___ W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users
--
Taras
http://oxdef.info
Software is like
, and making the user experience more intuitive in the UI.
As usual, you can get our latest installable packages from the
w3af.com [0] website! Just download and enjoy our latest improvements!
[0] http://w3af.sourceforge.net/#download
Regards,
--
Taras
http://oxdef.info
Software is like sex
Hi, Damian!
We currently don't support Python 3.x :(
Hi all,
I have a problem with running w3af with Python31. I get an exception in
w3af_console line 23 - syntax error - invalid syntax.
Thank you in advance.
Cheers,
Damian
--
Taras
http://oxdef.info
.
If you're interested in the changes I've introduced, please take a
look at these commits [1][2]
[0] http://en.wikipedia.org/wiki/Bloom_filter
[1] http://w3af.svn.sourceforge.net/w3af/?rev=3787view=rev
[2] http://w3af.svn.sourceforge.net/w3af/?rev=3788view=rev
Regards,
--
Taras
http
experiences on the web. Be a part of the beta today.
http://p.sf.net/sfu/beautyoftheweb
___
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users
--
Taras
http://oxdef.info
://w3af.svn.sourceforge.net/viewvc/w3af/branches/1.0/
--
Taras
http://oxdef.info
Software is like sex: it's better when it's free. - Linus Torvalds
--
Andrés Riancho
Founder, Bonsai - Information Security
http://www.bonsai-sec.com/
http://w3af.sf.net/
--
Taras
http
are a developer with Python skills and are good at Web
application security, please contact me at andres_rian...@rapid7.com.
Regards,
--
Taras
http://oxdef.info
Software is like sex: it's better when it's free. - Linus Torvalds
ping
On Mon, 2010-08-23 at 11:59 +0400, Taras wrote:
Andres,
1. Usable login area scan capabilities. We can make something like in
Acunetix (How it made in other scanners).
e.g. special (plain text) files with auth information:
- login request
- logout request
- check
and are good at Web
application security, please contact me at andres_rian...@rapid7.com.
Regards,
--
Taras
http://oxdef.info
Software is like sex: it's better when it's free. - Linus Torvalds
--
The Palm PDK
this or when it might be fixed?
--
Taras
http://oxdef.info
Software is like sex: it's better when it's free. - Linus Torvalds
--
This SF.net email is sponsored by Sprint
What will you do first with EVO, the first 4G phone
:
http://p.sf.net/sfu/thinkgeek-promo
___
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users
--
Taras
http://oxdef.info
Software is like sex: it's better when it's free. - Linus
automatically.
Why happens that???
Thanks.-
--
Taras
--
___
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users
at http://nmap.org/survey
Regards
--
Henri
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
Taras
Software is like sex
is using of
maxDiscoveryLoops option.
But what is the best way to scan such sites with w3af? May be we will
add some option to webSpider or we need some core option?
[0]
http://sourceforge.net/mailarchive/message.php?msg_id=140339.90793.qm%40web43507.mail.sp1.yahoo.com
Taras
--
Software is like
, and I like it! =)
[0]
https://factset.tms.hrdepartment.com/cgi-bin/a/highlightjob.cgi?jobid=281lcid=en-US
--
Taras
--
Software is like sex: it's better when it's free., - Linus Torvalds.
smime.p7s
Description: S/MIME Cryptographic Signature
Andres,
One of the biggest TODOs that the w3af project has in order to
compete with the commercial scanners is Javascript support.
could you please write more about this support?
What W3AF must can to do with JavaScript and what the purpose of such
support?
--
Taras - OSCP, OSWP
to add some filter to output and print it like:
...
scriptalert(/XSS/)/scripth1
...
--
Taras
Software is like sex: it's better when it's free. - Linus Torvalds
pgpyJpON5h2cp.pgp
Description: PGP signature
Andres,
Damn... I sound very bad! :)
It's strange to hear myself
http://pauldotcom.com/2009/06/pauldotcom-security-weekly---w.html
you are becoming media star =)
I downloaded it in my N82 and will listen soon.
--
Taras
Software is like sex: it's better when it's free. - Linus Torvalds
.
[0] http://2009.confidence.org.pl/warsztaty/andres-riancho-w3af-ninja
[1]
http://2009.confidence.org.pl/warsztaty/andres-riancho-web-application-security
--
Taras P. Ivashchenko naplan...@gmail.com
--
Crystal Reports
] or download source video [1]
[0] http://securityaudit.ru/slides/t.ivashchenko-w3af-ruscrypto2009.pdf
[1] http://securityaudit.ru/slides/w3af-ruscrypto2009.ogv
[2] http://www.youtube.com/watch?v=exBktG0rwFUfeature=player_embedded
--
Тарас Иващенко (Taras Ivashchenko), OSCP
www.securityaudit.ru
44 matches
Mail list logo