Taras, On Wed, May 20, 2009 at 6:27 PM, Taras P. Ivashchenko <naplan...@gmail.com> wrote: > Andres, > >> > For the first I made some clean-up of GUI: >> > - in history tab added "Clean" button for viewing all entries >> >> I think that if the user hasn't supplied a search string, the "clear >> button" should be "clicked" after every request is sent to the >> browser. This way, we'll get always an updated list of requests there. >> Also, if the user is filtering with a search, the "Find" button should >> be "clicked" after each request is sent to the browser. >> >> What do you think about this idea? > > As I thought about it and it's good idea. I'll try to implement it. > >> It would be really cool to be able to edit the headers in the headers >> tab (only on the request being intercepted). > It will be. > >> > * rednered response now also in tab >> This is nice, but in the past brought some problems like "stack >> overflows" and wicked things. But lets try it again, I really think >> that we need the rendered view. > Yes, for this moment I only forced to work fine gtkhtml2 rendering engine. > With mozilla I have some problems( > >> What about adding the "Options" tab just like in burp suite? I think >> that that tab is one of the most important ones, and we'll be able to >> do *really interesting* things with it, > Yes, we can move options to sepate tab (and it seems that we will do it :) > and it's really simple task so I decided to decrease it's priority. > For the first I want to make really stable and clean code. > >> > - w3af plugin integration >> >> I think that this will be pretty easy, we just need a button that when >> clicked displays a menu with all the plugins from the audit and grep >> types in a small tree, and when the user clicks over the plugin name, >> the plugin is run with the request/response as a parameter. > > What about results of for example audit/xss plugin work. Where in W3AF GUI > user will > immediately watch the result of plugin work? In Results tab of main window?
hmmm, good question. I think that the best is to have all the info in one place. If we have the results for something in the proxy window, and the result for the scan in another window, that may confuse the users, right? I'm not 100% sure... what do you think? What's the best option? >> > - HEX editing? 0_o >> >> I'm attaching a hex editor that I was trying to do some time ago. It >> is based on some code I found on the internet. I think it's 100% >> usable and in the future we'll be able to modify it a little bit in >> order to get a fully functional hex editor in gtk. > > Great, thanks! > > -- > Тарас Иващенко (Taras Ivashchenko), OSCP > www.securityaudit.ru > ---- > "Software is like sex: it's better when it's free." - Linus Torvalds > -- Andrés Riancho Founder, Bonsai - Information Security http://www.bonsai-sec.com/ http://w3af.sf.net/ ------------------------------------------------------------------------------ Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers & brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, & iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian Group, R/GA, & Big Spaceship. http://www.creativitycat.com _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
