In case anyone else is interested in this, someone else has already created
a system to scan and detect HTTP parameter pollution vulnerabilities. They
don't provide the source for their tool but it can be found here:
http://papas.iseclab.org/cgi-bin/index.py
Their paper describing how it works can be found here:
http://www.iseclab.org/people/embyte/papers/hpp.pdf
I plan on reading it and taking a shot at implementation as a w3af plugin.
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
