Andres, > Lists, > > Yesterday I committed a new feature to the framework, it's simple > but really handy in some cases. Now w3af allows you to export the HTTP > requests to javascript and python. The idea is to be able to reproduce > the same requests from different places. In the first case, the > javascript exporting will be mainly used for XSS exploitation; while > the python export feature is handy to send a python script to your > client to say: "run this to reproduce your problem". > > The new feature can be found in the SVN trunk, more precisely in > the GTK user interface toolbar. > > What do you guys think?
Looks like nice feature =) I have some comments about it: > request = urllib2.Request(url, data, headers) > response = urllib2.urlopen(request) > response_body = response.read() > print response_body What will be if HTML output will be really big? May be it will be useful to add some filter to output and print it like: " ... <script>alert(/XSS/)</script><h1> ... " -- Taras ---- "Software is like sex: it's better when it's free." - Linus Torvalds
pgpIyNQQsiyTE.pgp
Description: PGP signature
------------------------------------------------------------------------------
_______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
