Devs,
I'm about to commit some HUGE changes to w3afCore.py, I've
basically moved 90% of the code out of that module and created
independent modules for:
* plugin configuration
* profile configuration
* target configuration
* progress reporting
* status
* strategy to be used during the scan (in which order plugins are run)
After moving those things around, the w3afCore class API has
changed, for example before you called w3afCore.setPlugins(...) and
now you'll have to call w3afCore.plugins.setPlugins(...). I've changed
this in the consoleUI and gtkUI, and extensively tested it. If you're
working in the webUI or some other UI that I don't know of... sorry to
make you work a little bit more!
This change was very much needed... now we can unit-test all the
modules enumerated above (I've already created lots of unit-tests for
them) and we can also play around with the scan strategy without the
fear of changing a w3afCore.py that had ~1500 [0] lines of very hard
to test code. Once this is stable (tomorrow after fixing the user
reported bugs), I'll start playing with different scan strategies in a
branch (after all... this was my real objective!).
[0]
https://sourceforge.net/apps/trac/w3af/browser/trunk/core/controllers/w3afCore.py
Regards,
--
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
