> Just wanted to let you know what's new with w3af these days :) > > * Taras is working on improving the XSS detection with the aim of > increasing accuracy and reducing the number of HTTP requests PoC is finished and available in xss branch. Working on stabilization and tests. It uses concept of context detection and breaking of it. plugins/tests/test_xss.py is passed.
> * I'm working on a *huge* refactoring that will allow us to run more > than one plugin at the same time in different threads; which should > drastically increase scanning speed > * I've completed the new error handling for plugins a couple of weeks > ago and users should be already benefiting from it + Taras is also working on web20Spider which gives w3af possibility to at least crawl modern web apps with heavy usage of AJAX. I think PoC will be finished in the nearest days. I use PhantomJS/CasperJS for browser iterations. Currently the code can crawl states of web app (clicks on a and img objects). > As you can see for the SVN timeline [0] there is a lot of action > going on. Want to join? Let me know and I'll help you with the first > steps, > > [0] > http://sourceforge.net/apps/trac/w3af/timeline?from=06%2F25%2F12&daysback=30&changeset=on&update=Update > > Regards, -- Taras http://oxdef.info ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
