Lists,
After reading "Practical HTTP Host header attacks" [0] I thought
it would be fun to have a plugin that could detect (some) of the
attacks explained there.
Since I'm focusing on other things over the next weeks, but still
can spend some hours on w3af, I thought that I could mentor someone to
write this plugin. So, if you never wrote a plugin, never read w3af's
source code, etc. and have time to spend doing geeky stuff, answer
this email and I'll mentor you during the whole process of writing the
plugin :)
[0]
http://www.skeletonscribe.net/2013/05/practical-http-host-header-attacks.html
[1] https://github.com/andresriancho/w3af/issues/314
Regards,
--
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and
their applications. This 200-page book is written by three acclaimed
leaders in the field. The early access version is available now.
Download your free book today! http://p.sf.net/sfu/neotech_d2d_may
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
