Aaron, On Thu, Apr 30, 2009 at 4:59 PM, Aaron Peterson <aa...@midnightresearch.com> wrote: > Hello: > > On Wed, Apr 29, 2009 at 08:20:47PM -0300, Andres Riancho wrote: >> On Wed, Apr 29, 2009 at 7:55 PM, Robert Carr <carr.m.rob...@gmail.com> wrote: >> > 1. Iterative scans of a website >> > ??? Basically I like to get a saved discovery then run different scan types >> > against a site. (using tools that allow it) Especially with those >> > ??? touchy clients who have crappy sites. >> >> Ok, it seems that this is a common use case, because I've heard it >> more than once. > > I definitely agree on this one (and the others in this thread). Maybe > something that would help a little in the interim would be to have an > exportResults output plugin that corresponds with the importResults plugin > that > gets run after the discovery phase? Other than grepping through the text > logs, > is there any comparable functionality right now? > > I could potentially work on something like this if it would be useful.
In the misc settings menu, you have an export fuzzable requests option, check that out. I know that this is not a complete solution, but at least it is something! >> > 2. Webserver or heaven forbid w3af fails during a scan.? Being able to save >> > the discovery before scanning would be awesome. >> >> Yes, I also heard this and I would like to give you an answer... but... I >> still don't have it. I think that we could work on something to get w3af >> sessions working. >> >> > 3. Reporting. Since Burp is on the table, having the ability to re-open >> > saved state and actually review the requests/responses is great. This can >> > already be done with w3af with the text output, but it is convenient to >> > have everything in a state file. (application settings, data) >> >> Ok, > > Another unrelated note I have on the reporting front -- Something that would > be > nice is to be able to have more control over filtering/combining report > output. > One thing that might help would be to put a unique plugin id in each > vulnerability listed in the xml output file. That way I could filter out an > entire plugin's output or more easily combine reports when needed. > > Speaking of this, is there any xslt or other way to transform the xml into a > html or text report? In the rickybobby branch, Robert Carr is working on adding a unique numeric identifier to each vulnerability discovered by w3af. This will help you in the process of filtering, but it will take some time until he finishes up his work. If you want, you could send him an email and help him! =) >> > 4. Pausing a scan. I hate doing this, but sometimes you have to, especially >> > when you have very restrictive scan windows. With Burp, when you are >> > finished you can pick up where you left off and you have only one state >> > file, not 1 half finished and another full etc.. >> >> I failed to understand this one, > > Being able to pause a scan would definitely be nice (but I suspect it would > also require w3af sessions). I have a site I'm working on now that only has a > 3 hour window per day that I can work on it. Well... you could run w3af in a vmware, and pause the vmware ;) ;) ;) ;) > > HTH, > > Aaron > -- Andrés Riancho http://www.bonsai-sec.com/ http://w3af.sourceforge.net/ ------------------------------------------------------------------------------ Register Now & Save for Velocity, the Web Performance & Operations Conference from O'Reilly Media. Velocity features a full day of expert-led, hands-on workshops and two days of sessions from industry leaders in dedicated Performance & Operations tracks. Use code vel09scf and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
