Andres,
Sorry for the delay, but I was developing other plugins more interesting,
let me a few weeks and you'll see. :>
I don't like the word find in the plugin and maybe it is wrong to call it
dvcs as it supports svn and cvs. I don't know what would be the correct name
.
These new files used are more correct than the others and ensure the
existence of a repository.
http://code.google.com/p/tvelazquez/source/browse/pentest/w3af-plugins/crawl/find_dvcs.py
Regards,
PD: I would love a w3af stable version :> Is there a roadmap? I think the short
development cycles would be good idea.
http://zaproxy.blogspot.com.es/2012/10/zap-weekly-releases.html
On Mon, Oct 29, 2012 at 11:34 PM, Andres Riancho
<andres.rian...@gmail.com>wrote:
> Tomas,
>
> On Fri, Oct 12, 2012 at 12:02 PM, Andres Riancho
> <andres.rian...@gmail.com> wrote:
> > Tomas,
> >
> > On Sun, Oct 7, 2012 at 2:55 PM, Tomas Velazquez
> > <tomas.velazqu...@gmail.com> wrote:
> >> Andres,
> >>
> >> I don't touch find_dvcs because it's a code of Adam Baldwin and I don't
> know
> >> if he let me change your code ... ok I will add my code to find_dvcs :)
> >
> > It is open source, and if you're improving it... nobody will complain.
> >
> > I'm not saying that you HAVE to use find_dvcs, I was just mentioning
> > that the plugins look alike and that before replacing one with the
> > other (or something similar) we should understand what each provides.
> > Note that we shouldn't leave both, that would only confuse users.
> >
> >> find_dvcs uses this strings to check existence of repositories:
> >> .git/HEAD
> >> .hg/requires
> >> .bzr/README
> >>
> >> I use the repository index files to check this. Should I keep these
> files
> >> previously mentioned?
> >
> > You should use the files you think are more convenient to reduce the
> > amount of HTTP requests and increase the quality of the detection. For
> > example, could .bzr/README be removed and the bzr repository still
> > work? Could the content be edited manually and make the detection fail
> > for that? In the case of the "repository index files" it sounds like
> > if you remove/edit those the repository will not work.
>
> Did you have the time to merge these two plugins? I would love to
> review that code, add it to the threading2 branch and remove this from
> my TODO list :)
>
> Regards,
>
> >> Regards
> >>
> >>
> >> On Fri, Oct 5, 2012 at 9:44 PM, Andres Riancho <
> andres.rian...@gmail.com>
> >> wrote:
> >>>
> >>> List, Tomas,
> >>>
> >>> > -
> >>> >
> https://code.google.com/p/tvelazquez/source/browse/pentest/w3af-plugins/crawl/rcs.py
> >>>
> >>> I noticed that this is an improvement for find_dvcs [0], which adds
> >>> features for detecting SVN, CVS, etc. and also parsing some of the
> >>> identified files; neat! What else is in this file? Why a rewrite
> >>> instead of just adding stuff to find_dvcs?
> >>>
> >>> [0]
> >>>
> https://sourceforge.net/apps/trac/w3af/browser/branches/threading2/plugins/crawl/find_dvcs.py
> >>>
> >>> Regards,
> >>> --
> >>> Andrés Riancho
> >>> Project Leader at w3af - http://w3af.org/
> >>> Web Application Attack and Audit Framework
> >>> Twitter: @w3af
> >>> GPG: 0x93C344F3
> >>
> >>
> >
> >
> >
> > --
> > Andrés Riancho
> > Project Leader at w3af - http://w3af.org/
> > Web Application Attack and Audit Framework
> > Twitter: @w3af
> > GPG: 0x93C344F3
>
>
>
> --
> Andrés Riancho
> Project Leader at w3af - http://w3af.org/
> Web Application Attack and Audit Framework
> Twitter: @w3af
> GPG: 0x93C344F3
>
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
