Andres Riancho wrote: > List, > > I would like to hear your opinions on how w3af covers WASSEC [0] > > [0] http://sites.google.com/site/wassec/final-draft > > Cheers,
You may also want to look at a related OWASP project: http://www.owasp.org/index.php/Category:OWASP_Web_Application_Scanner_Specification_Project I know the project leads of the WASSEC and OWASP projects have been in communication and both agree each project has a different focus. WASSEC is more about what features should be considered when doing a scanner evaluation and how to conduct a formal evaluation. OWASP Web Application Scanner Specification Project is a specification for how to build better scanners geared towards someone creating a scanner. I think both projects would be useful to w3af to ensure its the best possible web app scanner. I've CC'ed the OWASP project lead on this so he can better explain his project if I've left something out. -- Matt Tesauro OWASP Live CD Project Lead http://www.owasp.org/index.php/Category:OWASP_Live_CD_2008_Project http://mtesauro.com/livecd/ - Documentation Wiki ------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
