Bertrand,
On Thu, Dec 9, 2010 at 3:57 AM, Bertrand Dupre <du...@ill.fr> wrote:
> Hello,
>
> I would like to contribute to W3af.
> I worked on a way to detect Apache servers vulnerable to Slowloris DoS
> attacks.
> I would like to add it in W3af.
Great!
> What is your opinion?
We already discussed about this some months ago (0). My opinion is
simple, if we can detect the vulnerability without actually performing
a DoS attack, lets do it :) The only issue that I see is that maybe
our HTTP library (xUrllib, based on urllib2) might not be able to send
the customized (and probably our of protocol) HTTP requests. What's
the technique you're going to use to detect this vulnerability?
(0)
http://sourceforge.net/mailarchive/forum.php?forum_name=w3af-users&max_rows=25&style=nested&viewmonth=200906
> Best Regards
> Bertrand Dupré
>
> ------------------------------------------------------------------------------
> This SF Dev2Dev email is sponsored by:
>
> WikiLeaks The End of the Free Internet
> http://p.sf.net/sfu/therealnews-com
> _______________________________________________
> W3af-develop mailing list
> W3af-develop@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>
--
Andrés Riancho
Director of Web Security at Rapid7 LLC
Founder at Bonsai Information Security
Project Leader at w3af
------------------------------------------------------------------------------
Lotusphere 2011
Register now for Lotusphere 2011 and learn how
to connect the dots, take your collaborative environment
to the next level, and enter the era of Social Business.
http://p.sf.net/sfu/lotusphere-d2d
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
