List,
I'm going to abuse the list a little bit, and poke your brains for
a while, so be prepared :)
The w3af project wants to implement its own REST API to expose the
w3afCore and KnowledgeBase objects. The core allows users to configure
the plugins and start the scan, and the knowledge base holds the
vulnerabilities.
You guys implemented a REST API for sqlmap, which has been up and
running for a while now.
What I wanted to know is:
* What's the technology stack you guys used for creating the REST API?
* Were you happy with it? Would you use something different if
you had the chance?
* Have you tested the API under heavy load?
* Do you have the concept of sessions and users in the API? Why not?
* Any recommendations on API design? (paths, results, hrefs, etc.)
Thanks!
Regards,
--
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/13534_NeoTech
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
