Andres, Sorry for late response. I was in business trip. By the way I begin to write on russian and english about W3AF in my secure blog [0]
> I've been playing with your branch for a couple of hours, and now > we are ready to launch plugins from any HTTP request and find > vulnerabilities! Great =) > Some comments: > - The vulns are only shown in the console (print vuln), but all > the rest is working. I will develop some GUI message alert and fix bugs on this week. And everything will be beautiful =) By the way what do you think about when we will merge trunk and my branch? My questions about your commit in ReqResViewer: + # Parse the request text + head,postdata = self.request.getBothTexts() + request = httpRequestParser(head, postdata) - Why did you in this situation use method getBothTexts() instead of getObject() which already returns request object? - Why did you declare ThreadedURLImpact class inside _auditRequest() method? > Your code for reqResViewer looks nice, it seems that you have much > more GTK skills that me =). Thanks, I simply try to write good code which will be simple to maintain =) [0] http://securityaudit.blogspot.com/2009/07/w3af-proxy-v2-current-status.html -- Taras ---- "Software is like sex: it's better when it's free." - Linus Torvalds
pgprC7vyGlwDZ.pgp
Description: PGP signature
------------------------------------------------------------------------------
_______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
